that server.
Nonetheless, they claim I must have a bot and the mail is not passing
through my own SMTP. And I suspect little traffic is needed for the
alleged bursts. They have no envelope info. Can someone advise on what
port(s) are available for bot detection and/or prevention? In all my
years
It's unlikely that the bot would relay outbound spam through your MTA -
that would be inconvenient, slow and raise some suspicion. If the
provider is right, you most likely have a bit of code running on the
server that is directly connecting to external mail servers. There
could be reasons
including SSH, SMTP and mail queue size all monitored by
Nagios and have had no alerts from that server.
Nonetheless, they claim I must have a bot and the mail is not passing
through my own SMTP. And I suspect little traffic is needed for the
alleged bursts. They have no envelope info. Can
On 5 January 2011 10:47, Jerry Bell je...@nrdx.com wrote:
There could be reasons you
aren't seeing a spike, such as you're only looking at traffic processed by
the MTA, or it simply doesn't show as a material increase on a graph of
traffic on the network interface if the server is busy.
On Wed, Jan 5, 2011 at 8:15 AM, Kevin Wilcox kevin.wil...@gmail.com wrote:
On 5 January 2011 10:47, Jerry Bell je...@nrdx.com wrote:
There could be reasons you
aren't seeing a spike, such as you're only looking at traffic processed by
the MTA, or it simply doesn't show as a material increase
I agree on this point.
That said, I once thought my employer's server was hacked and I ran local
utilities and dug through months of logs only to discover that an install of
either phpBB or phpMyAdmin had a slice of bad code that allowed someone to
install software remotely and run its own p2p
On 5 January 2011 13:25, David Brodbeck g...@gull.us wrote:
On Wed, Jan 5, 2011 at 8:15 AM, Kevin Wilcox kevin.wil...@gmail.com wrote:
To really see what your machine is doing, consider taking a look at
the network flows. pfflowd, netflowd, ipaudit and a host of others can
get you flow data
On 05-Jan-11 1:44 PM, Kevin Wilcox wrote:
On 5 January 2011 13:25, David Brodbeckg...@gull.us wrote:
On Wed, Jan 5, 2011 at 8:15 AM, Kevin Wilcoxkevin.wil...@gmail.com wrote:
To really see what your machine is doing, consider taking a look at
the network flows. pfflowd, netflowd, ipaudit
Yes and no. You want to leave ftp open, too, just in case for port
upgrading/downloading, plus you would want to do monitoring across the wire
(Nagios or something, maybe?). You could, though, do a dual-NIC setup and have
one be a private network LAN for the servers if you aren't already
On Wed, Jan 5, 2011 at 1:48 PM, Mark Moellering m...@msen.com wrote:
That's an excellent point. A span port from the upstream switch/router
Since I am going to be setting up a mail server sometime next week and have
to keep things like this in mind;
would it make sense to run pf and block
Hi all,
Checking my mrtg and trafshow this morning I seem to have an ircd bot
running on one of my servers.
Does anyone know where I might find some info on 'gtn'??
ps -ax:
62067 1 www Wed Oct 17 20:49:47 2007 gtn (perl5.8.8)35990 1
www Wed Oct 17 18:15:59 2007
Hi all,
I missed one to. I have never seen this process befor, any ideas?
6313 1 Mon Oct 15 19:34:39 2007 0:02.71 [prox]
- Original Message -
From: Grant Peel
To: freebsd-questions@freebsd.org
Sent: Thursday, October 18, 2007 7:53 AM
Subject: gtn bot ?
Hi all
Does anyone know where I might find some info on 'gtn'??
It would be advisable to review the thread entitled Strange perl
script that is currently active on the list, dated from Oct 17th.
Steve
___
freebsd-questions@freebsd.org mailing list
--On Thursday, October 18, 2007 08:28:46 -0400 Grant Peel
[EMAIL PROTECTED] wrote:
Hi all,
I missed one to. I have never seen this process befor, any ideas?
6313 1 Mon Oct 15 19:34:39 2007 0:02.71 [prox]
The problem with this approach is that the bad guys don't try to accomodate
14 matches
Mail list logo
