Server hacked... 2003-06-14 - By Jeff Kinz
Back
On Sat, Jun 14, 2003 at 06:23:49PM +0530, System wrote:
NOTE - please, reconfigure your Outlook client to use only one
line for attribution. This is the standard for email lists, as shown
above. (your using five lines.)
> -- -- Original Message -- --
> From: "Jeff Kinz" <jkinz@(protected)>
> To: <enigma-list@(protected)>
> Sent: Saturday, June 14, 2003 6:10 PM
> Subject: Re: Server hacked...
>
> Will upgrading the kerel help. I am currently using 2.4.18-27.7.x
> version.
No - you must reconfigure your MTA (Mail Transport Agent)
>
> I am using exim on my server. How dow I stop this?
I believe Exim is an MUA (Mail User Agent). According to the info you
posted in your first email :
>> 6187 root 0 3.0 0.5 sendmail
>> 6163 root 0 2.9 0.5
>> /usr/sbin/exim-MCS-MCP-MCremote_smtpmx2.mail.yahoo.com219R55Q-0003AL-00
>> 6182 root 0 2.9 0.5 sendmail
>> 6190 root 0 2.9 0.5
Sendmail seems to be active and is probably acting as your MTA.
(MTA actually sends the mail to its destination system, MUA displays
mail to the user, MDA, "Mail delivery Agent" puts the mail in the user's
mail box once the mail has arrived on the user's system.)
You must reconfigure your sendmail.mc file and regenerate your
sendmail.cf file
To stop sendmail: (do these as root)
service sendmail stop
The edit sendmail.mc as noted in my last two emails
Then (as root) regenerate sendmail.cf
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
And restart sendmail
service sendmail start
--
Jeff Kinz, Open-PC, Emergent Research, Hudson, MA. jkinz@(protected)
copyright 2003. Use is restricted. Any use is an
acceptance of the offer at http://www.kinz.org/policy.html.
Don't forget to change your password often.
|
|
