|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [suse-security] Sendmail: Bogus logfile entry
From: Erwin Lam (erwinl
dds.nl)Date: Mon Feb 07 2000 - 02:57:50 CST
- Next message: rbrabe: "[suse-security] chroot"
- Previous message: Heiko Rother: "[suse-security] Sendmail: Bogus logfile entry"
- In reply to: Heiko Rother: "[suse-security] Sendmail: Bogus logfile entry"
- Reply: Erwin Lam: "Re: [suse-security] Sendmail: Bogus logfile entry"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 7 Feb 2000, Heiko Rother wrote:
HR> Hello,
HR>
HR> does anybody know about the following log entries?
HR> It seems to me as if somebody tried to execute a program on our server
HR> and abused sendmail for that purpose.
HR>
HR> ...
HR> Feb 4 18:44:36 www sendmail[30239]: NOQUEUE: SYSERR: putoutmsg
HR> (node13c7b.a2000.nl): error on output channel sending "220
HR> www.our-domain.de ESMTP Sendmail 8.9.3/8.9.3; Fri, 4 Feb 2000 18:44:36
HR> GMT": Broken pipe
HR> Feb 4 18:44:36 www sendmail[30239]: NOQUEUE: Null connection from
HR> rootlocalhost
HR> ...
I once got a similar message when I was scanning ports on my own
computer, so I guess node13c7b.a2000.nl was doing a portscan.
You can try to send a complaint to abusea2000.nl but I doubt if that is
going to help because A2000 does not consider portscanning an attempt to
break into your computer and, therefore, they will not take any action.
Regards,
Erwin Lam
-- Erwin Lam (erwinl--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe
- Next message: rbrabe: "[suse-security] chroot"
- Previous message: Heiko Rother: "[suse-security] Sendmail: Bogus logfile entry"
- In reply to: Heiko Rother: "[suse-security] Sendmail: Bogus logfile entry"
- Reply: Erwin Lam: "Re: [suse-security] Sendmail: Bogus logfile entry"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]