RE: [cobalt-users] odd spamming problem
- Subject: RE: [cobalt-users] odd spamming problem
- From: Ursula <ursulasays@xxxxxxxxxxxx>
- Date: Wed Jun 25 05:43:11 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
--- Dan Kriwitsky <list1@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > Jun 25 09:13:36 crux sendmail[28262]: h5ONDaN28260: to=<george.jones@xxxxxxx>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=35400, relay=mail.xxx.net. [205.173.230.2], dsn=4.0.0, stat=Deferred: Connection refused by mail.tins.net.
> >
> > Anyone have any ideas on how to investigate further and hopefully close up the hole?
>
> grep 09:13:29 /var/log/httpd/access
> See if there's a CGI script being hit at that time. Or just 09:13 in case it takes a couple seconds to process.
>
> --
> C2003 Dan Kriwitsky
Unfortunately there's nothing at all suspicious in the
access log, or any of the other logs for that matter.
My main concern is the UDP port 3049, I'm not sure if
it really is Neomail using CFS or some kind of
bindshell.
=====
--
Ursula
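
The timestamp check suggested in the quoted reply can be done over a window of seconds instead of one exact `grep` string. The following is an added example, not part of the original thread: it assumes Apache common/combined log format, sendmail syslog lines, both logs in the server's local time and an English locale; the sample log lines, queue id, addresses and script path are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample logs (not from the thread); ids, IPs and paths are placeholders.
MAILLOG = """\
Jun 25 09:13:29 host sendmail[28260]: hEXAMPLE00001: from=<httpd@host.example>, size=1200, nrcpts=1, relay=localhost
Jun 25 09:13:36 host sendmail[28262]: hEXAMPLE00001: to=<user@example.net>, mailer=esmtp, stat=Deferred
"""
ACCESS = """\
192.0.2.10 - - [25/Jun/2003:09:10:02 +1000] "GET /index.html HTTP/1.0" 200 5120
192.0.2.77 - - [25/Jun/2003:09:13:27 +1000] "POST /cgi-bin/contact.cgi HTTP/1.0" 200 310
192.0.2.10 - - [25/Jun/2003:09:13:30 +1000] "GET /images/logo.gif HTTP/1.0" 200 2048
"""

SYSLOG_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sendmail\[\d+\]: (\w+): from=")
ACCESS_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\] ]+)[^\]]*\] "(\S+) (\S+)')

def mail_accept_times(maillog, year):
    """Yield (queue_id, time) for each 'from=' line, i.e. when sendmail accepted a message."""
    for line in maillog.splitlines():
        m = SYSLOG_RE.match(line)
        if m:
            # syslog omits the year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield m.group(2), ts

def correlate(maillog, access, year, window=10, pattern=r"cgi|\.pl|\.php"):
    """Return (queue_id, client_ip, method, path) for script requests made
    at most `window` seconds before a message was accepted."""
    hits = []
    for line in access.splitlines():
        m = ACCESS_RE.match(line)
        if m and re.search(pattern, m.group(4)):
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S")
            hits.append((ts, m.group(1), m.group(3), m.group(4)))
    out = []
    for qid, accepted in mail_accept_times(maillog, year):
        for ts, ip, method, path in hits:
            if timedelta(0) <= accepted - ts <= timedelta(seconds=window):
                out.append((qid, ip, method, path))
    return out

if __name__ == "__main__":
    for row in correlate(MAILLOG, ACCESS, 2003):
        print(row)
```

An empty result, as reported in this message, means no script request preceded the message within the window, which points the investigation away from the web server.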