[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] OT Hosting company scanning my Cobalt

Subject: RE: [cobalt-users] OT Hosting company scanning my Cobalt
From: "Jolley, Carl" <Carl.Jolley@xxxxxxx>
Date: Fri Aug 16 13:13:02 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

-----Original Message-----
From: No I Won't 
Sent: Friday, August 16, 2002 12:43 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-users] OT Hosting company scanning my Cobalt

Actually, I suggest grepping for "formmail" as the "w00t" may not
necessarily be in the logs, I've noticed that my servers have been hit
constantly today looking for formmail so it can be used to send SPAM from my
box.
-------------------------

Patching the formmail scripts to not accept REQUEST_METHOD = GET requests
will stop 99+% of the formmail exploits. Then requiring the HTTP_REFERRER
for REQUEST_METHOD = POST requests to point to a page on the server will
trap almost all the rest.

Prev by Date: RE: [cobalt-users] OT Hosting company scanning my Cobalt
Next by Date: RE: [cobalt-users] Strange entries in /etc/passwd -- possible sec urity breach
Previous by thread: RE: [cobalt-users] OT Hosting company scanning my Cobalt
Next by thread: RE: [cobalt-users] OT Hosting company scanning my Cobalt

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index