Re: [exim] Am I Hacked?

Etusivu
Poista viesti
Vastaa
Lähettäjä: Heiko Schlittermann
Päiväys:  
Vastaanottaja: exim-users
Aihe: Re: [exim] Am I Hacked?
Rick Lutowski <rick@???> (Do 04 Jan 2007 04:59:49 CET):
> I've been using exim on debian 'out of the box' for years with

...
> no apparent problems. Recently I've been getting indications

...>
> I should point out my server is locked down pretty tight as far
> as remote access is concerned. I do not run ftp, telnet, or
> any other remote access services. The only active net services
> are exim and apache. If someone has gained access, it is most
> likely via one of these two packages. I just did a full debian


Not even SSH?
Some version information about the packages you mention and about the
kernel could be helpful. (Even I do not know about weakness of some
versions, but this could be found in the archives.)

If mail.jreality.com is the mailserver in question, I'd guess, there's
is some work to be done.

    mail.jreality.com:
    Interesting ports on adsl-65-68-229-225.jreality.com (65.68.229.225):
    PORT    STATE SERVICE   VERSION
    9/tcp   open  discard?
    13/tcp  open  daytime
    25/tcp  open  smtp      Exim smtpd 3.36
    37/tcp  open  time       (32 bits)
    80/tcp  open  http      Apache httpd 1.3.33 ((Debian GNU/Linux))
    98/tcp  open  linuxconf Linuxconf (Access denied)
    110/tcp open  pop3      Qpopper pop3d 4.0.5
    111/tcp open  rpcbind    2 (rpc #100000)
    113/tcp open  ident     OpenBSD identd
    Device type: general purpose
    Running: Linux 2.1.X|2.2.X
    OS details: Linux 2.1.19 - 2.2.25
    Uptime 2.430 days (since Mon Jan  1 23:13:58 2007)
    Service Info: Host: www.jreality.com; OS: OpenBSD



    Best regards from Dresden
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -