[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] spam exploits

Subject: Re: [cobalt-users] spam exploits
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri Apr 11 15:07:00 2003
Organization: Front Street Networks LLC
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

On Friday 11 April 2003 17:39, Dan Kriwitsky wrote:
> > I've got a static IP account for my webserver.
> >
> > My webserver has been exploited for porno spams over the last
> > 48 hours. My logs say it's being relayed from 66.159.211.40,
> > which belongs to DSLExtreme, provider of my static IP, and is
> > NOT my static IP, though close.
> >
> > I've done various things on my 550 webserver, like IP Address
> > Allocation to no longer accept the above.
> >
> > So, what needs to be done now to plug this up and can DSLE do
> > anything?
>
> What do you mean by "exploited"?

try this as root.
iptables -A INPUT -p tcp -s 66.159.211.40 -j DROP

Gerald
-- 
http://frontstreetnetworks.com | http://store.raqware.com
Front Street Networks LLC      |  Phone: 203-785-0699
229 Front Street, Ste #C, New Haven, CT 06513-3203

References:
- RE: [cobalt-users] spam exploits
  - From: Dan Kriwitsky

Prev by Date: Re: [cobalt-users] Sendmail features
Next by Date: RE: [cobalt-users] formmail relaying spam
Previous by thread: RE: [cobalt-users] spam exploits
Next by thread: RE: [cobalt-users] formmail relaying spam

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index