Date: Tue, 27 Jan 2004 18:47:52 +0100 From: Geir Svalland <admin@swedehost.com> To: freebsd-questions@freebsd.org Subject: Active System Attack Alerts Message-ID: <200401271847.52402.admin@swedehost.com>
next in thread | raw e-mail | index | archive | help
Hi everybody. Got some strange alerts in my logfiles that I need help to interp. <snip> Active System Attack Alerts =-=-=-=-=-=-=-=-=-=-=-=-=-= Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Security Violations =-=-=-=-=-=-=-=-=-= Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Unusual System Events =-=-=-=-=-=-=-=-=-=-= Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) </snip> and from my maillog <snip> cat maillog | grep "02:12:41" Jan 27 02:12:41 odin sendmail[46385]: i0R1CbKR046385: from=<owner-freebsd-questions@freebsd.org>, size=122951, class=-30, nrcpts=1, msgid=<OLECLEAMDPKEDGIGPPAAOEIACNAA.yvette@dbtgroup.com>, proto=ESMTP, daemon=IPv4, relay=mx2.freebsd.org [216.136.204.119] Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: Fixed MIME Content-Type header field (possible attack) Jan 27 02:12:41 odin sendmail[46386]: i0R1CbKR046385: to=<admin@swedehost.com>, delay=00:00:03, xdelay=00:00:00, mailer=local, pri=207193, relay=local, dsn=2.0.0, stat=Sent </snip> Nothing unusual in any other logfiles. Regards Hasse.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401271847.52402.admin>