[ale] got hacked
Geoffrey
esoteric at 3times25.net
Fri Feb 27 05:53:30 EST 2004
Emil P. Man wrote:
> Geoffrey wrote:
>
>> Emil P. Man wrote:
>>
>>> alers,
>>>
>>> okay I am so embarassed to come to you guys with this, but I got
>>> hacked :( Secure OS, bad Sysadmin from my part. I was running some
>>> tests on my postfix MTA and just glanced at the logs. I became a spam
>>> relay for sure :(
>>> now the question is, what do i do? I need to secure this box, amd I
>>> would like to know if you guys have seen a howto on securing your box
>>> so it doesn't get turned into a spam box like mine did :(
>>
>>
>>
>> Are you sure you've been hacked or is it simply poor email config? If
>> you've truly been hacked, you should reinstall.
>>
> okay, it is just poor e-mail config. I ran a network security scan
> against the machine and it seems that the smtp server (postfix) allows
> relaying from the outside. Hope I fixed it now, here is a little output
> from #postsuper -d ALL:
> Feb 26 18:53:40 synban postfix/postsuper[1672]: Deleted: 91578 messages
> that was the postfix queue... GOD!
What distribution is this? I'm surprised the default configuration
permitted relaying.
--
Until later, Geoffrey Registered Linux User #108567
Building secure systems inspite of Microsoft
More information about the Ale
mailing list