-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Will Parkinson wrote: > Raquel wrote: >> On Mon, 16 Apr 2007 11:26:43 +1000 >> Will Parkinson <[EMAIL PROTECTED]> wrote: >> >> >>>> >>> The reason i ask is that recently a server that i was working on >>> was sending spam emails for some other company that i've never >>> even heard of. I'm just looking at ways to avoid this from >>> happening in the future. As i am new to server security, i'm >>> looking for a way to block non Australian ips while i figure out >>> how this company came to be sending emails from our server. >>> >>> Cheers >>> >>> Will >>> >>> >> >> I don't suppose that was a Windows server that was sending out spam? >> >> > No it was our sever that was sending the spam, so there must of been a > script placed on our server by someone else (ie we were hacked or > something) >
Read the message that Mike Bird sent. It is very important that if your system has been compromised that you take appropriate actions. Plugging the hole is only half of the work. It is possible that there are files on your system that can circumvent any holes you plug. You need to clean the file system first, then plug the holes, and do it off-line. Joe - -- Registerd Linux user #443289 at http://counter.li.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGIx1miXBCVWpc5J4RAiogAKCGzonKpCwpKvoYIPkFJgo7YCJGSgCfdmDm xTkWWKfaMr3w9YfJ9MOKq38= =9Kc8 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]