Just a thought ...
if you ran the scan on a mail-server,
the scanner would necessarily connect to the SMTP port,
and do various checks on the
server, to identify possible vulnerabilities.
Could that be what you are talking about?
It does a test for SMTP relay capabilities,
that could maybe explain an SMTP connection
with those addresses: It test whether it is possible
to send an email through your server, with
a From-address that is not from your own domain.
Cheers,
Anders :)
> -----Original Message-----
> From: Thuy Trang [mailto:[EMAIL PROTECTED]]
> Sent: 1. juni 2001 16:41
> To: FW1 mailinglist; Reed Mohn, Anders
> Subject: RE: [FW1] WebSite being Hacked!!!
>
>
> it email to from [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> that is the info show in to field
> dont know what in cc field yet
>
> But still it is dangerous, because you dont want other to
> know your system
> vulnerablities
>
> How clear hacker can use this method to scan your system using you
> and go undetect
>
>
> -----Original Message-----
> From: Reed Mohn, Anders [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 01, 2001 8:33 AM
> To: 'Thuy Trang'
> Subject: RE: [FW1] WebSite being Hacked!!!
>
>
> Are you sure?
> This is news to me...
> What mail address??
>
> Cheers,
> Anders :)
>
>
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
