
RE: [cobalt-users] open relay appears closed on Qube3 but is still blocked by blacklists



Hi,

> Port 3128 is squid, used for web caching. There is a known exploit for
> that version of squid. Turn off web caching and your problem should go
> away.

Thanks for the pointers. Squid is inactive now, but I'm still seeing
sendmail connections in the ps list and netstat, e.g.:

ps -ax

31967 ?        S      0:00 sendmail: q1/g8N6ad003012 kito.icns.com.: user open
31968 ?        S      0:00 sendmail: q2/g8M8scL26658 mail2.kali.com.cn.: user open
31970 ?        S      0:00 sendmail: q4/g8LIUVL05555 www.renetcom.net.: user open

netstat -a

tcp        0      1 ckqube-eth1.client:4143 kito.icns.com:smtp SYN_SENT
tcp        0      1 ckqube-eth1.client:4142 kito.icns.com:smtp SYN_SENT

This is weird - I thought I'd deactivated sendmail according to the
instructions in the archive, like I said, but I can't seem to kick these
users off. When I kill the process, they just come right back again.

Any ideas? I'd be really grateful. Thanks!

---