are you running any processes the would allow the vuln. to show? (examples) e.g. popB4smtp, old formmail scripts etc?
Your system should only have relaying mail allowed for local hosts everything else is denied by default. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Martin Fiumara Sent: 17 October 2001 06:07 To: [EMAIL PROTECTED] Subject: Re: [cobalt-security] Secureing cobalt Raq3 Thanks for the help... the problem is that i had already aplied all the patches before the intrusion came:( I have a bad feeling about sendmail for example. The default installation is 8.9 version... and has vulnerabilities. I wanted to upgrade the sendmail version, but im afraid to ruin the web interface working... Can give some advices? ----- Original Message ----- From: "Robbert Hamburg (HaVa Web- & Processdesign)" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 16, 2001 4:01 PM Subject: Re: [cobalt-security] Secureing cobalt Raq3 > ----- Original Message ----- > From: Martin > To: [EMAIL PROTECTED] > Sent: Tuesday, October 16, 2001 8:04 PM > Subject: [cobalt-security] Secureing cobalt Raq3 > > > Im suffering from intrusions. The default installation of the cobalt Raq3 is > weak!!! > Can somebody give me advise about upgradeing daemons, url where i can get > the upgrades (because the cobalt team seems no to worry in provideing > upgrades, the just install a server with a sendmail 8.9 version for > example!!!), anything that can help me please. > Thanks > > > Start here: > http://www.cobalt.com/support/download/raq3.eng.html > http://pkg.nl.cobalt.com/packages/raq/3/ > Search google for: IPCHAINS, > > and search the list archives also in general lots of usefull stuff. > > > HTH Rob > > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security > _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
