Hello Rito, Friday, December 29, 2006, 10:51:59 PM, you wrote:
> On Friday 29 December 2006 07:43, Nyoman D wrote: >> Hello tanya-jawab, >> >> Hari ini saya dapat email dari mailer-daemon yang tidak bisa >> dimengerti, kenapa laporan LogWatch server saya yang dikirim oleh >> root ke root nyasar ke email orang? Saya jadi curiga, masalahnya >> server ini pernah kebobolan lewat scripts php yang gak secure. >> Walaupun pada saat itu tidak berhasil di exploit lebih dalam (dapat >> access root). >> >> Berikut cuplikannya: >> >> ==== Start of Cuplikan ===== >> >> Hi. This is the qmail-send program at rr.com.au. >> I'm afraid I wasn't able to deliver your message to the following >> addresses. This is a permanent error; I've given up. Sorry it didn't work >> out. >> >> <pointer'[EMAIL PROTECTED]>: >> 193.252.22.141 failed after I sent the message. >> Remote host said: 550 Error: Message content rejected >> <cc40629b8352bf2f65dc6c663f26ffb5> >> >> --- Below this line is a copy of the message. >> >> Return-Path: <[EMAIL PROTECTED]> >> Received: (qmail 7624 invoked by uid 0); 26 Dec 2006 04:02:06 -0800 >> Date: 26 Dec 2006 04:02:06 -0800 >> Message-ID: <[EMAIL PROTECTED]> >> From: [EMAIL PROTECTED] >> To: [EMAIL PROTECTED] >> Subject: LogWatch for www.rr.com.au >> >> >> ################### LogWatch 4.3.2 (02/18/03) #################### >> Processing Initiated: Tue Dec 26 04:02:03 2006 >> Date Range Processed: yesterday >> Detail Level of Output: 0 >> Logfiles for Host: www.rr.com.au >> ################################################################ >> >> --------------------- Named Begin ------------------------ >> >> ==== Selesai of Cuplikan ==== >> >> Email tersebut dikirim oleh mailer-daemon, berikut envelopenya: >> From: [EMAIL PROTECTED] >> To: [EMAIL PROTECTED] >> Subject: failure notice >> >> Ada yang bisa menjelaskan kenapa ini bisa terjadi ? >> >> Thanks, >> >> Nyoman. > Sepertinya dianggap spam deh pak ... > -- > Rito > IT Engineer > PT. Sapua Konsultindo Tapi kenapa emailnya (LogWatch Report) yang seharusnya dikirim ke root saja malah dikirim ke pointer'[EMAIL PROTECTED], itu yang jadi tanda tanya pak :) Nyoman.
pgpg3zrM0oNTf.pgp
Description: PGP signature
