Also make sure you run some updates on your Imail smtp server because
Imail 6.06 has a Remote System Access Vulnerability. Also see
http://www.eeye.com/html/Research/Advisories/AD20010424.html
-Arthur
> -----Original Message-----
> From: Terrence Koeman [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 20, 2001 4:02 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [IMail Forum] Blackmail by hacker
>
>
> I would check the access to the MSSQL server first... If the user has
> access to the database he has access to all passwords.
>
> But you're saying that you're being blackmailed by one of
> your own users!?
>
> If you have an address, I recommend a house-visit.
>
> --
> Regards,
>
> Terrence Koeman
>
> Technical Director/Administrator
> MediaMonks B.V. (www.mediamonks.nl)
>
> Please quote all replies in correspondence.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> Kyrre Wathne
> > Sent: Thursday, September 20, 2001 2:47 PM
> > To: [EMAIL PROTECTED]
> > Subject: [IMail Forum] Blackmail by hacker
> >
> >
> > Hello. I'm being blackmailed by a user who claims he has gained
> > unauthorized
> > access to other users' accounts. I'm running IMail 6.06 with the
> > user db in
> > MSSQL 7. Am also running IIS5 on the same server. Any ideas
> on how I can
> > track down potential security holes?
> >
> > Thanks,
> >
> > Kyrre
> >
> >
> > Please visit http://www.ipswitch.com/support/mailing-lists.html
> > to be removed from this list.
> >
> > An Archive of this list is available at:
> > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> >
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
