|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Blackholed because of an open proxy
From: Luke Tymowski (luke.tymowski
gmail.com)
Date: Fri Jul 02 2004 - 09:48:02 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
I was backholed last night. I'm running the latest stable release and
Postfix is locked down against relaying. One of the blackhole sites
gives a bit more information than the others - they say I have a proxy
running on port 80.
All I can think of is the MoveableType mt-send-entry.cgi - they had a
massive breach late last year. (They didn't do any checking on the
values returned to the cgi, so the spammers injected their own headers
and list of spam recipients.) I patched it then.
I've disabled all the mt-send-entry.cgi files. But I can't tell if
this is the issue or not.
But can anyone tell me how I can go about finding out exactly how I'm
vulnerable?
The blackhole admins seem to think I'm vulnerable and apparently can
take advantage of whatever is open.
I've been at this for over five hours and can't find anything.
Below is the result of the mail-abuse.org test.
thanks,
Luke
-------------------------------------------------------
Fri Jul 2 04:35:03 2004
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]