HP3000-L Archives

May 2002, Week 5

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
HP9000 question
From:
Dave Knispel <[log in to unmask]>
Reply To:
Dave Knispel <[log in to unmask]>
Date:
Fri, 31 May 2002 11:24:38 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (23 lines) 
To the list,

I know this doesn't belong here, but I thought someone here might have an
idea on how to help me...

Last night someone hacked into my HPUX server and using sendmail was using
my system as a mail relay.  I've fixed that.  No more mail relay, but they
are still trying.  I currently have 10 sendmail connections from assorted IP
addresses outside our walls.  I can't figure out how they are getting into
the network past the firewall.

Here's the question...

Is there anyway to trace an active connection from the HP9000 backwards so I
can figure out how it is entering my network?
David Knispel
[log in to unmask]
Phone: 513-248-5029
Fax: 513-248-2672

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2