Hi,
i ame checking this
thanks, Manu
-----Oorspronkelijk bericht----- Van: centos-bounces@centos.org [mailto:centos-bounces@centos.org] Namens Kai Schaetzl Verzonden: donderdag 24 december 2009 15:32 Aan: centos@centos.org Onderwerp: Re: [CentOS] attack
Obviously, if you are running several vhosts and plesk you likely have other logs to check. Also, one can usually see the origin of the mail injection in the maillog (e.g. complaints about setting to an unsafe sender) or in the outgoing messages. At runtime you can see the connects with full URLs on the apache status page.
Kai
Hi,
I'm have a repo with many security tools.. if you can test... i'm upload a few packages from fedora, other sources, and created by me..
http://flexbox.sourceforge.net/centos/5/i386/flexbox-release-1-1.noarch.rpm
Try to install sectool, and verify your system..
You can try to use fail2ban for list maillog, and blacklists ips...
I'm using fail2ban+shorewall+ipset
Fernando.
On Thu, 24 Dec 2009 14:48:30 +0000 "Manu Verhaegen" maverh@telenet.be wrote:
Hi,
i ame checking this
thanks, Manu
-----Oorspronkelijk bericht----- Van: centos-bounces@centos.org [mailto:centos-bounces@centos.org] Namens Kai Schaetzl Verzonden: donderdag 24 december 2009 15:32 Aan: centos@centos.org Onderwerp: Re: [CentOS] attack
Obviously, if you are running several vhosts and plesk you likely have other logs to check. Also, one can usually see the origin of the mail injection in the maillog (e.g. complaints about setting to an unsafe sender) or in the outgoing messages. At runtime you can see the connects with full URLs on the apache status page.
Kai
-- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos