List Charter and FAQ at:-----Original Message-----
From: Eldridge, Dave [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 9:43 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!List Charter and FAQ at:List Charter and FAQ at:Now I don't have an excuse to wear my sunglasses when I read my email.List Charter and FAQ at:-----Original Message-----
From: Abercrombie, Sherry [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 8:43 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!:) I even changed the colors....I didn't want to continue to blind others......;)
Sherry Abercrombie - FQ
Data Center Administration Team
Information Technology "With sufficient thrust, pigs fly just fine."List Charter and FAQ at:-----Original Message-----
From: Eldridge, Dave [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 9:17 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!LOL!!! great foof.List Charter and FAQ at:-----Original Message-----
From: Abercrombie, Sherry [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 8:04 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!Okay, I'll have to accept the label of "Foof Queen". Well at least I have some "official" letters to put behind my name now.......
Sherry Abercrombie - FQ
Data Center Administration Team
Information Technology
"With sufficient thrust, pigs fly just fine."-----Original Message-----
From: Jeremiah Watson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 10:54 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!
That is Insolence. We have all come to respect each other and abuse is part of that. Ask the Foof Queen from yesterday. ;-)
-----Original Message-----
From: Tom Meunier [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 11:51 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!
Why would I do that? I'd like you to use your knowledge to assist new users, rather than call them trolls or put in a cryptic message about "it's been two weeks". I don't care whether you're happy or sad about it. I'm new here, and I didn't know that part of the list charter was to denigrate less-experienced admins rather than answer their question.
> -----Original Message-----
> From: Matthew Carpenter [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 10:46 AM
> To: MS-Exchange Admin Issues
> Subject: Re: Exchange 5.5 server HACKED!
>
>
> That is not nice Don.
>
> If he is trying to make me feel bad....he failed.
>
> ----- Original Message -----
> From: "Ely, Don" <[EMAIL PROTECTED]>
> To: "MS-Exchange Admin Issues"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, July 16, 2002 10:21 AM
> Subject: RE: Exchange 5.5 server HACKED!
>
>
> Figures!
>
> -----Original Message-----
> From: Matthew Carpenter [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 11:22 AM
> To: MS-Exchange Admin Issues
> Subject: Re: Exchange 5.5 server HACKED!
>
>
> Sorry, I don't get it
>
> ----- Original Message -----
> From: "Tom Meunier" <[EMAIL PROTECTED]>
> To: "MS-Exchange Admin Issues"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, July 16, 2002 10:11 AM
> Subject: RE: Exchange 5.5 server HACKED!
>
>
> This is a FAQ, and I'm afraid to post the link for fear that
> Matthew will flame me, and then say "How about [repost of the
> FAQ link that I had just posted]?".
>
> I'll look at your logs, since that's NOT a FAQ.
>
> > -----Original Message-----
> > From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 16, 2002 09:55 AM
> > To: MS-Exchange Admin Issues
> > Subject: RE: Exchange 5.5 server HACKED!
> >
> >
> >
> > OK, does anyone have a list of the ports Exchange 5.5
> > uses, besides 25 & 110?
> >
> > Also, if anyone wants to look at the Event Logs, simply click on:
> > <http://www.rogue-admins.com/dansworld/Exchange_Attack_App_Eve
> > ntlog.zip>
> > [This is a new link & new file from the one previously
> posted by me.]
> >
> > Cheers!
> > Dan
> >
> > "There are two major products that come out of Berkeley:
> LSD and UNIX.
> > We don't believe this to be a coincidence." (Jeremy S. Anderson)
> >
> > >-----Original Message-----
> > >From: Ely, Don [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:36 AM
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >
> > >
> > >Uhhhh... Telneting to the server alone does NOT mean the
> > server is an
> > >open relay... I can telnet port 25 to any server in the
> world, that
> > >doesn't mean I can relay mail...
> > >
> > >-----Original Message-----
> > >From: Joe Irvine [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:38 AM
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >
> > >
> > >Actually, no.. if you can telnet to the mail server you can
> > relay. No
> > >hacking needed. This is by the very nature of exchange. I would
> > >recommend looking at not allowing characters like %$! Through your
> > >firewall. Here's a link to check to see if you have an open relay..
> > >
> > >http://www.abuse.net/relay.html
> > >
> > >
> > >
> > >Thanks,
> > >
> > >Joe Irvine
> > > -----Original Message-----
> > >From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:30 AM
> > >To: MS-Exchange Admin Issues
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >Importance: Low
> > >
> > >
> > > Look at the 4031 error messages, which indicate SOMEONE
> > is trying to
> > >relay through the server, and since unauthorized relaying is
> > prohibited
> > >that tells me someone has hacked in.
> > >
> > >>-----Original Message-----
> > >>From: William Lefkovics [mailto:[EMAIL PROTECTED]]
> > >>Sent: Tuesday, July 16, 2002 1:03 AM
> > >>To: MS-Exchange Admin Issues
> > >>Subject: RE: Exchange 5.5 server HACKED!
> > >>
> > >>
> > >>Then it's sorta in production then, yes?
> > >>
> > >>Was there a concern other than the 4318's?
> > >>
> > >>-----Original Message-----
> > >>From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > >>Sent: Monday, July 15, 2002 9:55 PM
> > >>Subject: RE: Exchange 5.5 server HACKED!
> > >>
> > >>
> > >>
> > >> Yes, it's connected, and the DNS servers have been
> > pointed at it for
> > >about a week...
> > >>
> >
> > ---
> > This attachment has been scanned for hostile code:
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.377 / Virus Database: 211 - Release Date: 7/15/2002
> >
> >
> > List Charter and FAQ at:
> > http://www.sunbelt-> software.com/exchange_list_charter.htm
> >
> >
>
> List Charter and FAQ at:
> http://www.sunbelt-> software.com/exchange_list_charter.htm
>
>
>
>
> List Charter and
> FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
>
> List Charter and FAQ at:
> http://www.sunbelt-> software.com/exchange_list_charter.htm
>
>
>
>
> List Charter and
> FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
>
>List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
