[CentOS] attack
Fernando Hallberg
fernando at flexdigital.com.br
Thu Dec 24 16:55:12 UTC 2009
Hi,
I'm have a repo with many security tools.. if you can test... i'm upload a few packages from fedora, other sources, and created by me..
http://flexbox.sourceforge.net/centos/5/i386/flexbox-release-1-1.noarch.rpm
Try to install sectool, and verify your system..
You can try to use fail2ban for list maillog, and blacklists ips...
I'm using fail2ban+shorewall+ipset
Fernando.
On Thu, 24 Dec 2009 14:48:30 +0000
"Manu Verhaegen" <maverh at telenet.be> wrote:
> Hi,
>
> i ame checking this
>
> thanks,
> Manu
>
>
> -----Oorspronkelijk bericht-----
> Van: centos-bounces at centos.org [mailto:centos-bounces at centos.org] Namens Kai Schaetzl
> Verzonden: donderdag 24 december 2009 15:32
> Aan: centos at centos.org
> Onderwerp: Re: [CentOS] attack
>
> Obviously, if you are running several vhosts and plesk you likely have
> other logs to check. Also, one can usually see the origin of the mail
> injection in the maillog (e.g. complaints about setting to an unsafe
> sender) or in the outgoing messages. At runtime you can see the connects
> with full URLs on the apache status page.
>
> Kai
>
> --
> Kai Schätzl, Berlin, Germany
> Get your web at Conactive Internet Services: http://www.conactive.com
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
--
Fernando Hallberg <fernando at flexdigital.com.br>
Flex Digital Soluções em Redes de Dados
http://www.flexdigital.com.br
More information about the CentOS
mailing list