-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 171-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 7th, 2002
also sprach Kjetil Kjernsmo [EMAIL PROTECTED] [2002.10.08.1247 +0200]:
The problem with e.g. telnet isn't really that it shouldn't be used for
anything, but that it shouldn't be used by somebody. It is quite OK to
use to check what the webserver responds to a particular request, for
On Tuesday 08 October 2002 13:57, martin f krafft wrote:
Use netcat for that.
[*hm, man netcat*] Yeah, OK, thanks, I didn't know about that.
That way, people with correct privileges could still use telnet for
sensible things, yet the admin would be warned if they did
something very
Hi!
Yesterday I received a report from ordb.org that the server I
administer (lml.bas.bg) is an open relay. This information was used
immediately by spammers. I was able to close the relay a few hours
latter. I have some questions regarding this:
1. The spammers continue attempts to use
Anton Zinoviev [EMAIL PROTECTED] writes:
1. The spammers continue attempts to use lml.bas.bg as a relay. As a
result exim generates about 50Mb log files per hour. How I can stop
exim from logging messages like refused relay to ...?
Any patterns in the attackers? One of the
Hi,
Am 19:03 2002-10-04 +0800 hat Glen Tapley geschrieben:
Hello
I have been having a lot of trouble with my sendmail setup, someone is
using my system. I have found that when I run the last cmd, I find a
lot of strange entries such as
???
ftp ftp p50852BD8.dip.t- Sun Oct 6
On Tue, Oct 08, 2002 at 03:36:15PM +0300, Anton Zinoviev wrote:
Hi!
Yesterday I received a report from ordb.org that the server I
administer (lml.bas.bg) is an open relay. This information was used
immediately by spammers. I was able to close the relay a few hours
latter. I have some
Hi.
Anton Zinoviev wrote:
3. In the log-files of exim I have a huge list of e-mail addresses
of spammers (such as [EMAIL PROTECTED]). Can I do something
useful with them?
As they most possibly are forged: no. Drop them in the dustbin and
forget about them. It is not worth
please don't CC me on lists that I read!
also sprach Kjetil Kjernsmo [EMAIL PROTECTED] [2002.10.08.1402 +0200]:
Oh, wasn't that the point with the harden-clients package? If you
attempt to install a Bad[tm] client, you will be told, because it
conflicts with harden-clients?
Oh, now I
On Tue, Oct 08, 2002 at 12:47:32PM +0200, Kjetil Kjernsmo wrote:
Hi folks!
I just had an idea the other, er..., night, that still seemed smart when
I woke up, so I figured I'll post it here in case it is... :-)
The problem with e.g. telnet isn't really that it shouldn't be used for
also sprach Peter Cordes [EMAIL PROTECTED] [2002.10.08.2008 +0200]:
It uses the telnet protocol, not just a raw TCP connection, so netcat is
inadequate.
netcat can negotiate telnet connections with the -t option. unless you
are using very ancient terminal types, netcat is a complete substitute
On Mon, Oct 07, 2002 at 06:39:15PM +0300, Ivan Jendov wrote:
Received: from rams3.rasd.net (unknown [199.234.146.17])
by murphy.debian.org (Postfix) with ESMTP id 946FC1F415
for [EMAIL PROTECTED]; Mon, 7 Oct 2002 10:09:24 -0500
(CDT)
Received: from store12.cybercity.dk ([194.126.61.17])
i reckon that the real point is: if your users have access to the network
from their account with whatever tools or have access to an editor and gcc,
all of your efforts are gone: just need to use your own copy of
whatever_tool_they_like.
If you want to avoid them to go some places, simply use
Dear listees :)
I got some questions..
Does the lpd packaged with with 3.0r0 currently have any know exploits?
Also, dies the statd, portmap, and other rpc services suffer such things..
Also, What's the bare minumum I need to run and nfs share, say for FAI or
something?
Thanks in
Hi folks!
I just had an idea the other, er..., night, that still seemed smart when
I woke up, so I figured I'll post it here in case it is... :-)
The problem with e.g. telnet isn't really that it shouldn't be used for
anything, but that it shouldn't be used by somebody. It is quite OK to
use
also sprach Kjetil Kjernsmo [EMAIL PROTECTED] [2002.10.08.1247 +0200]:
The problem with e.g. telnet isn't really that it shouldn't be used for
anything, but that it shouldn't be used by somebody. It is quite OK to
use to check what the webserver responds to a particular request, for
On Tuesday 08 October 2002 13:57, martin f krafft wrote:
Use netcat for that.
[*hm, man netcat*] Yeah, OK, thanks, I didn't know about that.
That way, people with correct privileges could still use telnet for
sensible things, yet the admin would be warned if they did
something very
hi ya
if the machines are hardened and so are the network..
if you attempt to do something like telnet,ftp,ppp,pop3s,dhcp...
it just wotn connect/work ...
- firewall will drop those services
becauses its against policy
if the admin is NOT notified/emailed/paged ..
than the
Hi!
Yesterday I received a report from ordb.org that the server I
administer (lml.bas.bg) is an open relay. This information was used
immediately by spammers. I was able to close the relay a few hours
latter. I have some questions regarding this:
1. The spammers continue attempts to use
Anton Zinoviev [EMAIL PROTECTED] writes:
1. The spammers continue attempts to use lml.bas.bg as a relay. As a
result exim generates about 50Mb log files per hour. How I can stop
exim from logging messages like refused relay to ...?
Any patterns in the attackers? One of the
Hi,
Am 19:03 2002-10-04 +0800 hat Glen Tapley geschrieben:
Hello
I have been having a lot of trouble with my sendmail setup, someone is
using my system. I have found that when I run the last cmd, I find a
lot of strange entries such as
???
ftp ftp p50852BD8.dip.t- Sun Oct 6
On Tue, Oct 08, 2002 at 03:36:15PM +0300, Anton Zinoviev wrote:
Hi!
Yesterday I received a report from ordb.org that the server I
administer (lml.bas.bg) is an open relay. This information was used
immediately by spammers. I was able to close the relay a few hours
latter. I have some
On Tue, Oct 08, 2002 at 12:47:32PM +0200, Kjetil Kjernsmo wrote:
Hi folks!
I just had an idea the other, er..., night, that still seemed smart when
I woke up, so I figured I'll post it here in case it is... :-)
The problem with e.g. telnet isn't really that it shouldn't be used for
also sprach Peter Cordes [EMAIL PROTECTED] [2002.10.08.2008 +0200]:
It uses the telnet protocol, not just a raw TCP connection, so netcat is
inadequate.
netcat can negotiate telnet connections with the -t option. unless you
are using very ancient terminal types, netcat is a complete substitute
On Mon, Oct 07, 2002 at 06:39:15PM +0300, Ivan Jendov wrote:
Received: from rams3.rasd.net (unknown [199.234.146.17])
by murphy.debian.org (Postfix) with ESMTP id 946FC1F415
for debian-security@lists.debian.org; Mon, 7 Oct 2002 10:09:24 -0500
(CDT)
Received: from store12.cybercity.dk
i reckon that the real point is: if your users have access to the network
from their account with whatever tools or have access to an editor and gcc,
all of your efforts are gone: just need to use your own copy of
whatever_tool_they_like.
If you want to avoid them to go some places, simply use
---BeginMessage---
-BEGIN PGP SIGNED MESSAGE-
CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution
Original release date: October 08, 2002
Last revised: --
Source: CERT/CC
A complete revision history is at the end of this file.
Overview
The CERT/CC has
27 matches
Mail list logo