Re: [exim] Am I Hacked?

Pàgina inicial
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
A: exim-users
Assumpte: Re: [exim] Am I Hacked?
Rick Lutowski <rick@???> (Do 04 Jan 2007 18:11:34 CET):
> Graeme Fowler wrote:
> >
> > Renaud was using the telnet client application on his machine to talk to
> > the Exim SMTP server on yours. There's no evidence of a telnet server
> > existing on your server, but you can betcha someone would already have
> > got you if there was :)
>
> Which is why telnet, ftp, etc is not running!


But qpopper (which had some security problems), and some other
applications which do not have to be secure per se.

> Is there any way to disable the kind of access he
> demonstrated without compromising normal exim
> operation?


I'm not sure if in Exim 3.x you could reject unknown users already at
SMTP time, but if you'd upgrade to Exim 4.x: you can.
(AFAIR Debians install script tries to convert the config, but I'm not
sure, so be prepared to be challenged :))


    Best regards from Dresden
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -