More info please...
Regards,
Hamish Stanaway
-= KoRe WoRkS =- Internet Security
Owner/Operator
Auckland, New Zealand
http://www.koreworks.com/
Is your box REALLY secure?
From: "Bill" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Proxy+ Trojan
Date: Sat, 1 Feb 2003 00:33:48 -0600
MIME-Version: 1.0
Received: from outgoing3.securityfocus.com ([205.206.231.27]) by mc6-f3.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Mon, 3 Feb 2003 11:22:56 -0800
Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid 8094FA30DE; Mon, 3 Feb 2003 11:49:43 -0700 (MST)
Received: (qmail 9098 invoked from network); 1 Feb 2003 06:33:06 -0000
X-Message-Info: dHZMQeBBv44lPE7o4B5bAg==
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:[EMAIL PROTECTED]>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <mailto:[EMAIL PROTECTED]>
Delivered-To: mailing list [EMAIL PROTECTED]
Delivered-To: moderator for [EMAIL PROTECTED]
Message-ID: <057301c2c9bb$e211cd40$6501a8c0@develop1>
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 03 Feb 2003 19:22:56.0703 (UTC) FILETIME=[A7F4ECF0:01C2CBB9]
Someone installed Proxy+ on one of our servers (Win2K/IIS5) and left it open
on a high port for spammers. I've shut it down, but how do I prevent them
from doing this again?
_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
