Date: Thu, 6 Aug 1998 13:13:20 -0700 (PDT) From: Doug White <dwhite@resnet.uoregon.edu> To: Frank Griffith <frankg@idfw.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Security Message-ID: <Pine.BSF.4.00.9808061312320.28098-100000@resnet.uoregon.edu> In-Reply-To: <001801bdbf32$6b8cc6e0$0200a8c0@fast1.dfw.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Aug 1998, Frank Griffith wrote: > I have FreeBSD 2.2.6 running and I connect to the Internet > using a dynamic connection. For kicks, I run Apache 1.3.0 > web server on this same unit. It appears that while I've been > testing my server, some bozo came in and used sendmail > to send some rough and threatening e-mail to someone. My > ISP even cancelled my account until I proved I had nothing > to do with it. > > If someone came in, unathorized that is, and used > my mail server to send mail, which log file would show me > this intrusion? How can I prevent this from happening again? Disable all non-essential services from /etc/rc.conf. You do not need to have sendmail running if you will not be receiving mail at this address. Also rake /etc/inetd.conf for noncritical services. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.9808061312320.28098-100000>