I would check the access to the MSSQL server first... If the user has
access to the database he has access to all passwords.
But you're saying that you're being blackmailed by one of your own users!?
If you have an address, I recommend a house-visit.
--
Regards,
Terrence Koeman
Technical Director/Administrator
MediaMonks B.V. (www.mediamonks.nl)
Please quote all replies in correspondence.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Kyrre Wathne
> Sent: Thursday, September 20, 2001 2:47 PM
> To: [EMAIL PROTECTED]
> Subject: [IMail Forum] Blackmail by hacker
>
>
> Hello. I'm being blackmailed by a user who claims he has gained
> unauthorized
> access to other users' accounts. I'm running IMail 6.06 with the
> user db in
> MSSQL 7. Am also running IIS5 on the same server. Any ideas on how I can
> track down potential security holes?
>
> Thanks,
>
> Kyrre
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
smime.p7s
