I have checked many sources. The only hack I have found in anything like a
recent version is a DOS attack in version 8. This wouldn't allow anybody to
actually change any files though, just stop PCAnywhere working.
> -----Original Message-----
> From: Michael Jaworski [mailto:[EMAIL PROTECTED]]
> Sent: 24 August 2000 01:04
> To: [EMAIL PROTECTED]
> Subject: [IMail Forum] PCAnywhere
>
>
> Pat is correct. Leaving PCAnywhere on can allow the right guy
> to hit the
> same port that PCAnywhere is working off. Check the
> newsgroups and other non
> PC Anywhere sources to verify this.
>
> Check your permissions on your web server and at the NTFS
> level. If you use
> FrontPage on the site that allows anyone to update the site
> if not properly
> locked down. Back to that "everyone" account.
>
> Might be time to take these issues to MS or more appropriate
> websites/lists
> to work.
>
> Good luck,
>
> Mike
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Adrian
> Sunderland
> Sent: Wednesday, August 23, 2000 4:32 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [IMail Forum] Off topic need to restrict hacker
>
>
> Really ?
>
> I have never heard of PCAnywhere being a potential security
> hole (except
> through user stupidity like not setting a password).
> I have also just searched the web and can't find anything
> worth mentioning
> in any recent version of PCAnywhere.
>
> Perhaps you can elaborate, because I certainly can't find any
> evidence of
> PCAnywhere being notorious for holes. I am sure many list members use
> PCAnywhere for remote admin of their IMail installations and
> will be worried
> by your post.
>
> Regards,
>
> Adrian.
>
> > -----Original Message-----
> > From: Pat Chin [mailto:[EMAIL PROTECTED]]
> > Sent: 23 August 2000 22:22
> > To: [EMAIL PROTECTED]
> > Subject: Re: [IMail Forum] Off topic need to restrict hacker
> >
> >
> > a resounding yes. You will want to disable PC Anywhere if you can,
> > especially if this computer is connected to the internet
> directly. PC
> > Anywhere is notorious for holes.
> >
> > -Pat
> > ----- Original Message -----
> > From: "jeff" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Wednesday, August 23, 2000 5:52 PM
> > Subject: [IMail Forum] Off topic need to restrict hacker
> >
> >
> > > Sorry about off topic. My imail homepage appears to be a
> > hacker target.
> > He keeps replacing my homepage wiht a stupid html page.
> > >
> > > I am on win2K iis 5. How do these guys get in. Any advice
> > on what I can
> > read to stop this. I just installed pc anywhere & I am
> > wondering if this is
> > related. Any advice appreciated.
> > >
> > > Jeff
> > >
> > > the url is www.asianpride.com. His stupid announcement is at
> > www.asianpride.com/default2.htm
> > >
> > > thanks
> > >
> > >
> > >
> > >
> > > ---------- Original Message ----------------------------------
> > > From: "Dan Shadix" <[EMAIL PROTECTED]>
> > > Reply-To: [EMAIL PROTECTED]
> > > Date: Wed, 23 Aug 2000 11:30:39 -0600
> > >
> > > >Actually, McAfee WebShield SMTP has a pretty nice
> > anti-relay feature.
> > For
> > > >our small site (<250 users) it runs just fine on the
> same server as
> > Imail.
> > > >The content filters are much easier to set up than
> > Imail's, but may not
> > be
> > > >as flexible. No SMTP Auth though.
> > > >
> > > >Dan
> > > >
> > > >-----Original Message-----
> > > >From: [EMAIL PROTECTED]
> > > >[mailto:[EMAIL PROTECTED]]On Behalf Of
> Len Conrad
> > > >Sent: Wednesday, August 23, 2000 9:54 AM
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Re: [IMail Forum] AntiRelay
> > > >
> > > >
> > > >
> > > >>We are running Trend Interscan and I want to know how to
> > lock down our
> > > >Imail
> > > >>server to stop relaying. Interscan runs on port 25 and
> > forwards all
> > email
> > > >to
> > > >>port 10025 where IMail resides. The problem with using
> > the 'accept.txt'
> > > >file
> > > >>is that you need to specifiy individual users who can
> > relay, you cant
> > just
> > > >>put @xyz.com or @abc.com. Is there anyway around this? At
> > present I have
> > a
> > > >>open relay :(
> > > >
> > > >Let' see if I can't add a few "(" to that singular ":("
> > > >
> > > >The pb I've heard with these av scanners front-ending to
> > Internet is
> > > >that they have no anti-relay. They accept everything,
> so the RSS &
> > > >ORBS probes conclude the server is open relay. :((
> > > >
> > > >afaics, closing the relay of Imail does nothing in this
> > above situation.
> > > >:(((
> > > >
> > > >The other pb with AVS + Imail on same machine is SMTP
> > AUTH. You tell
> > > >your users to send their outgoing to Imail.domain.com but
> > :25 is the
> > > >AV thingy, and he can't do SMTP AUTH since he doesn't know
> > about your
> > > >users, only about domains. :((((
> > > >
> > > >Of course, these av scannners are horribly CPU and disk
> > expensive, so
> > > >if you're doing also-expensive Web messaging all on the same box,
> > > >you're stepping in it. :(((((
> > > >
> > > >"Apart from that Mrs. Lincoln, how was the play?"
> > > >
> > > >Whatever, to close relay in Imail:
> > > >
> > > >1. at you border route, block spoofing of your internal ip's.
> > > >
> > > >2. in Imail, "relay for addresses" and enter your adddresses
> > > >
> > > >3. in Imail, NT hosts file, enter your default ip and
> > imail host name.
> > > >
> > > >4. in Imail, UNcheck Disable SMTP AUTH reporting
> > > >
> > > >5. in your users' mail programs, activate SMTP AUTH
> > > >
> > > >Get smart, Phil:
> > > >
> > > >1. put the AV on its own box, with hostname avbox.ISPdomain.com
> > > >
> > > >2. put Imail on its own box.
> > > >
> > > >In DNS:
> > > >
> > > >domain.com. MX 10 avbox.ISPdomain.com.
> > > >mail.domain.com. MX 10 avbox.ISPdomain.com.
> > > >smtp.domain.com. MX 20 smtp.domain.com.
> > > >
> > > >pop.domain.com. A ip of Imail
> > > >smtp.domain.com. A ip of Imail
> > > >webmail.domain.com. A ip of imail
> > > >
> > > >Tell you web surfer to pick up their mail here:
> > http://webmail.domain.com
> > > >
> > > >Tell your users of mail programs:
> > > >
> > > >1. Turn on SMTP AUTH
> > > >2. send outgoing mail to: smtp.domain.com
> > > >3. read POP3 mail at: pop.domain.com
> > > >
> > > >Len
> > > >
> > > >
> > > >http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable
> > binary for NT4
> > > >http://IMGate.MEIway.com: Build free, hi-perf, anti-spam
> > mail gateways
> > > >
> > > >Please visit http://www.ipswitch.com/support/mailing-lists.html
> > > >to be removed from this list.
> > > >
> > > >An Archive of this list is available at:
> > > >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> > > >
> > > >Please visit http://www.ipswitch.com/support/mailing-lists.html
> > > >to be removed from this list.
> > > >
> > > >An Archive of this list is available at:
> > > >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> > > >
> > >
> > >
> >
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > Free Private Email That Supports The Causes You Care About.
> > >
> >
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > Unleash The Power... http://www.CommunitySpirit.net
> > >
> >
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > Get a free email address @ GayMail.com, Activists.com,
> BlueEarth.com
> > > Wranglers.com, BlackSpirit.com, PrideStreet.com or over
> 400 others!
> > >
> >
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > >
> > >
> > >
> > >
> > >
> > >
> > > Please visit http://www.ipswitch.com/support/mailing-lists.html
> > > to be removed from this list.
> > >
> > > An Archive of this list is available at:
> > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> > >
> >
> > Please visit http://www.ipswitch.com/support/mailing-lists.html
> > to be removed from this list.
> >
> > An Archive of this list is available at:
> > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> >
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
