Re: [vox] Mean to Linux... Mean to OpenSource... :-/
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [vox] Mean to Linux... Mean to OpenSource... :-/
At the time it looked like they used this bug in
SquirrelMail 1.2.7 to gain access to the account
as the apache user. They then installed some
IRC botish software and a port redirector on the
box. I isolated a root kit that they had tried,
but it doesn't look like they were successful in
getting more than apache rights.
http://www.iss.net/security_center/static/10145.php
I have tried to update the box fresh, but have
run into some problems... iptables which someone
on vox helped me with. My current problem is
getting sendmail working again. I am hosting
multiple domains and the setup that I was using
for sendmail is not working.
I was having two problems. First, sendmail was
listening on 127.0.0.1 instead of an external
interface. I was able to solve that problem, but
I am still having a problem with sendmail rejecting
outside mail.
Has anyone seen this before? I saw something on a
newsgroup that suggested setting up aliases, but I
didn't have to do that in the past. Its probably
something simple that I'm missing. I have been
able to get away with linux-conf in the past for
setting up sendmail...
Joel
[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 7bit, Size: 0.5K --]
The original message was received at Sun, 24 Nov 2002 04:09:04 -0800
from jbaumert@localhost
----- The following addresses had permanent fatal errors -----
kender@geeksource.net
(reason: 550 5.7.1 <kender@geeksource.net>... Relaying denied)
----- Transcript of session follows -----
... while talking to mail.geeksource.net.:
>>> RCPT To:<kender@geeksource.net>
<<< 550 5.7.1 <kender@geeksource.net>... Relaying denied
550 5.1.1 kender@geeksource.net... User unknown
[-- Attachment #2 --]
[-- Type: message/delivery-status, Encoding: 7bit, Size: 0.3K --]
Reporting-MTG: dns; demo.zweng.com
Arrival-Date: Sun, 24 Nov 2002 04:09:04 -0800
Final-Recipient: RFC822; kender@geeksource.net
Action: failed
Status: 5.7.1
Remote-MTA: DNS; mail.geeksource.net
Diagnostic-Code: SMTP; 550 5.7.1 <kender@geeksource.net>... Relaying denied
Last-Attempt-Date: Sun, 24 Nov 2002 04:09:04 -0800
[-- Attachment #3 --]
[-- Type: message/rfc822, Encoding: 7bit, Size: 0.5K --]
Date: Sun, 24 Nov 2002 04:09:03 -0800
From: jbaumert@demo.zweng.com
To: kender@geeksource.net
Subject: test test test
User-Agent: Mutt/1.2.5i
asdfsadf;asdlkfja;sdlfkjas;dflkj
On Wed, Nov 27, 2002 at 02:55:06PM -0800, Peter Jay Salzman wrote:
> begin Joel Baumert <kender@geeksource.net>
> >
> > Maybe by distribution: 95, 98, 98 OSR1 98 OSR2, NT 3.5 SPx,
> > NT 4.0 SPx, 2000 SPx, ME, CE, 2000 SP2, 2000 SP3, XP Home,
> > XP Pro, etc :-). There are alot of Windows variants...
> > Too bad they are so fragmented :-).
>
> guffaw! that was a funny quip! :-)
>
> > I had my Linux system broken into a couple of months ago
> > because of an exploit in Squirrel Mail...
>
> not that i use squirrel mail (i'm not even sure i know what it is. it's
> a mail client?), but i'm curious. if you have the time, can you post
> what happened?
>
> pete
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
|
