At 23:28 27-9-2002, you wrote:
>Received: from MYCONNEX-7T28NQ.myconnext.com by inet.alexb.ch
[..]
>I run the a latest version of sambar on a w2k server machine. I am having
>insane amounts of spam coming through my server, I have been blacklisted
>by just about everyone. I require auth to send messages and I don't think
>people are able to relay through me. I tried www.abuse.net/relay.html and
>all tests came up negative.
>
>Any ideas?
[[EMAIL PROTECTED]] ~
# nmap -sT -O -v MYCONNEX-7T28NQ.myconnext.com
Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
Host (64.243.139.11) appears to be up ... good.
Initiating TCP connect() scan against (64.243.139.11)
Adding TCP port 135 (state open).
Adding TCP port 139 (state open).
Adding TCP port 1025 (state open).
Adding TCP port 53 (state open).
Adding TCP port 445 (state open).
Adding TCP port 3389 (state open).
Adding TCP port 1031 (state open).
The TCP connect scan took 39 seconds to scan 1523 ports.
For OSScan assuming that port 53 is open and port 1 is closed and neither
are firewalled
Interesting ports on (64.243.139.11):
(The 1516 ports scanned but not shown below are in state: closed)
Port State Service
53/tcp open domain
135/tcp open loc-srv
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1025/tcp open listen
1031/tcp open iad2
3389/tcp open msrdp
TCP Sequence Prediction: Class=random positive increments
Difficulty=113479 (Good luck!)
Sequence numbers: FB87EF85 FB8B15F8 FB8EA042 FB900F63 FB89CBD7
Remote operating system guess: MS Windows2000 Professional RC1/W2K Advance
Server Beta3
Nmap run completed -- 1 IP address (1 host up) scanned in 60 seconds
3389 is the default port for several windows proxies (and squid in some
configs).
Do you have that running?
With kind regards,
Melvyn Sopacua
$ grep ^info /etc/aliases
info: "| /bin/cat >/dev/null"
-------------------------------------------------------
To unsubscribe please go to http://www.sambar.ch/list/
