locating origin of spammer
From: Joseph Koening (jWeb) (joe_at_jwebmedia.com)
Date: 09/26/04
- Previous message: Mick Walker: "Re: PHP Install Options Problem"
- Next in thread: Joseph Koening (jWeb): "Re: locating origin of spammer"
- Reply: Joseph Koening (jWeb): "Re: locating origin of spammer"
- Reply: Peter Risdon: "Re: locating origin of spammer"
- Reply: Richard Lynch: "Re: locating origin of spammer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 26 Sep 2004 09:41:20 -0500 (CDT) To: freebsd-questions@freebsd.org
I got up this morning and discovered that someone sent some spam through
one of my servers. The messages were sent from the 'www' user on
localhost, which is leading me to think somewhere someone has an insecure
php or perl script that is allowing someone to designate the recipient,
the subject, body, etc. I know the machine is not open-relay (I tested it
to double check) and I checked to make sure no one had actually logged in.
I grepped all of apache's log files looking for sites that received hits
about the same time the mail started going out. What else can I do to find
how the mail is being sent? Thanks,
Joe
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Mick Walker: "Re: PHP Install Options Problem"
- Next in thread: Joseph Koening (jWeb): "Re: locating origin of spammer"
- Reply: Joseph Koening (jWeb): "Re: locating origin of spammer"
- Reply: Peter Risdon: "Re: locating origin of spammer"
- Reply: Richard Lynch: "Re: locating origin of spammer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
