Re: sendmail spamming

["Don Jones" <don.jones () linuxmail org>]

> I noticed CPU activity spikes on the email server and found that our web 
> server was spamming our email server due to the classic formmail exploit.

Can I suggest replacing all your cgi scripts downloaded from the web with secure alternatives. There is a sourceforge 
project called nms ( http://nms-cgi.sourceforge.net/ ) whose aim is to write secure versions of many common cgi scripts 
( http://nms-cgi.sourceforge.net/scripts.shtml ). As others have pointed out there are tools like rfp's whisker which 
are designed to find insecure cgi's which can then be used as spam relays or mailbomb (MTA/MUA DoS) relays.

Re: [fw-wiz] traffic analysis

In regards to the log analysis, perl extreamly well suited for this task as there are many modules avalible ( 
http://search.cpan.org/ ) and it has very strong regex and text processing capabilities. It is a true swiss army 
chainsaw for any sys admin/network engineer.

Re: [fw-wiz] Benefit of firewall over NAT-only 'protected' network

irc.freenode.net is usually my first port of call for tech support (eg I was on #sendmail today, and solved a 
mailserver issue.), but it's is not exactly a valid tool for most users, but can be for techies. 

"The rules of proprietary software break down cooperation between programmers separated by company boundaries, even 
when such cooperation can be of benefit to both organizations."
-- 
______________________________________________
http://www.linuxmail.org/
Now with e-mail forwarding for only US$5.95/yr

Powered by Outblaze
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards