On Jul 24, 2006, at 10:43 PM, Roger Rustad wrote:
BTW, all open relay tests thus far show negative.
Only means its not "relaying" doesn't actually mean it isn't sending
boatloads of spam.
You have more than a few options but the first thing I would do is
make yourself an iptables script that does the following:
Blocks all external to box connections on all ports save those your
actually supposed to be using from all external IP addresses.
Blocks all server to external connections on all ports save those
your actually supposed to be going to.
- Optionally block all connections from internal (everything BUT
127.0.0.1) to external network and require any remaining connections
to be strictly limited to specific destinations (ie ssh to your home/
current box).
Good output to check:
netstat -tap & netstat -uap
The command "netstat -a" is good but sometimes it prints to much
information.
