LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page [SOLVED] possible security breach
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
Page 2 of 2 1 2
  Search this Thread
Old 10-12-2009, 06:00 PM   #16
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33

Quote:
Originally Posted by anomie View Post
I'd recommend that you keep that Ubuntu box physically unplugged (ethernet cable) from the network. You're going to get blacklisted and/or contacted by your ISP regarding abuse.
I have done. I am just hope someone can come up with something b4 wed. I off on holiday.
 
Old 10-13-2009, 01:26 AM   #17
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
progress made.
Now I'm less drunk, and looked at it constructivly. As one of the others pointed out lots of port 25 accesses. So I've killed the mail server. Normal service (albit without mail) has been restored.

Now, my question is what happened? how do i find out? mail logs
 
Old 10-13-2009, 03:38 AM   #18
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
oopps
Hello,

Please know that according to the provided smtpFilters.script, the
server is configured as an open relay.

In order to configure the server to require authentication to allow
relaying, please follow these steps:
- Login into the Webadmin Interface
- Click 'Acceptance & Routing' under 'Security & Filtering'
- Click 'Routing Basic Settings'
- Enable both 'Allow relaying from any IP' and 'Require authentication'
options
- Click 'Save Configuration'
 
Old 10-13-2009, 11:23 AM   #19
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
That'll do it. Open relay == bad.
 
  


Reply
Page 2 of 2 1 2



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Yet another thread about a security breach Fredde87 Linux - Security 19 10-16-2009 08:12 AM
Breach in Sendmail Security? bper Linux - Security 2 08-02-2005 05:40 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM
Network Security Breach nbjayme Linux - Security 0 03-17-2004 06:49 PM
Security breach? lhoff Linux - Security 5 02-15-2002 01:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:57 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration