[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Relay Mail Issue

Subject: Re: [cobalt-security] Relay Mail Issue
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Mon, 21 Aug 2000 16:30:46 -0400

> Information:
> The user account in question does not have shell access
> Had never FTP'd into the site
> The only logon is via POP
> His SMTP is handled via his own ISP
> He has no mailing lists (majardomo) running
> He has no CGI scripts running
> He does not have mail forwarding enabled
> No FrontPage Extensions
> No Server Side Includes

Does the user show up in the GUI admin? If not, it was obviously added
surreptitiously... otherwise, a hacker could have gotten into the system and
stolen the account info/changed the password.

I would do a portscan on your system to check for trojans, and advise users
to change their passwords. Your system might still be compromised.

Kevin

Follow-Ups:
- Re: [cobalt-security] Relay Mail Issue
  - From: Seth Mos

References:
- [cobalt-security] Relay Mail Issue
  - From: Malcolm Wild

Prev by Date: [cobalt-security] Relay Mail Issue
Next by Date: Re: [cobalt-security] Relay Mail Issue
Previous by thread: [cobalt-security] Relay Mail Issue
Next by thread: Re: [cobalt-security] Relay Mail Issue

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index