[lug] how many ways to relay port 220?
D. Stimits
stimits at comcast.net
Sun Jan 18 22:24:05 MST 2004
I've even seen a hit now on a 2nd machine with a different version of
KRUD on it, whereby the machine's local TCP port 6129 is trying to send
outbound to random (or seemingly so) port 220 TCP ports. I don't think
the machines are compromised (never know for sure till I figure out exactly
what is going on).

How many ways are there to try and cause a Red Hat machine to forward to
IMAP port 220? Or to relay? What incoming ports can I check? Incoming 25
and IMAP are all blocked, and most any vulnerable port is also blocked.
D. Stimits, stimits AT comcast DOT net