[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mail relay attempts

> Karl Breitner wrote:
> >Welcome to the world of SPAMfighting
> Our new server has an official IP since last saturday, and no domain 
> name pointing to it yet besides a dyndns-account I abused for testing 
> purpose. Within these three days of operation I had several persons 
> trying to get access to our (non-public) FTP service as well as some 
> probes for the usual IIS-holes that Nimda & Co. like to abuse. How will 
> that be if we will be publically online and "known" through our regular 
> domains? brrr.... :)

  Simple. Random IP-address block scans. Having the box live on the 'net
alone guarantees that it will get some random hits. Prepare to see lot more
of them from here-on.

  Script-kiddies, trying to find suitable hosts for their mass exploitation
tools. Worms, eagerly propagating on their own means; And spammers
(spammerbots?) trying to find open relays they could abuse.

  The only thing you can do is to make damn certain your box does not become
part of the problem.

 Mika Boström      +358-40-525-7347  \-/  "The Hell is empty,
 Bostik@lut.fi    www.lut.fi/~bostik  X    and all the devils
 Security freak, and proud of it.    /-\   are here." -W.S.

Attachment: pgpiTvhL5WH0b.pgp
Description: PGP signature

Reply to: