ports
open 21 25 80 90 110 3389 8181 8383(now 8381)
weblogs show only inktomi (slurp)
domain
in question is missbeverlyhills.com (soon to have free email service at client's
request)
seems
like a portsniffer was used, but i used retina from my side, both on the box and
off the box for vulnerabilities. nmap, etc...
.acc
file from our buddy at famhosts was implimented...
as you
can see, he changes ips every few minutes. today's log file is
9mb
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jason Newland
Sent: Sunday, February 16, 2003 10:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] imail, meltdown
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jason Newland
Sent: Sunday, February 16, 2003 10:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] imail, meltdown
The log file below shows that you are in the middle of your garden variety dictionary attack. You have several options to repel this...border router, .acc file, etc, but this doesn't explain your original post about webmail crashing your smtp. Can you also provide logs from your web log files...?Jason
