Hi. Thanks for your input. It seems the matter is now resolved. After being
threatened with the police, the user dropped his demand for money and told
me what he'd done. He claims to have manipulated the URLs other users have
used to link publicly to images in their inbox to gain complete access to
their account. I haven't had a chance to verify this yet, but this is fairly
obscure in any event.
Again, thanks.
Kyrre
> -----Opprinnelig melding-----
> Fra: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]P� vegne av John
> Tolmachoff
> Sendt: 20. september 2001 15:49
> Til: [EMAIL PROTECTED]
> Emne: RE: [IMail Forum] Blackmail by hacker
>
>
> There is a lot of information about your setup you have left out, but
> here are some basic steps. Use NTFS permissions on the server
> religiously. Deny Anonymous logins. Establish password
> policies. Require
> SMTP authentication, deny users the right to change passwords, and
> establish new passwords for all users, deny relay. Set up auditing.
> Change the name of the computer administrator account. Go to
> Microsoft's
> website, windowsupdate.microsoft.com, and run all updates, then go to
> the downloads page and update IIS.
>
> If you would like more direct assistance, email me directly.
>
> John Tolmachoff, Network Engineer
>
> 211 E. Imperial Hwy., Suite 106
> Fullerton, CA� 92835
> 714-578-7999, ext. 104
> [EMAIL PROTECTED]
> www.reliancesoft.com
> �
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Kyrre Wathne
> Sent: Thursday, September 20, 2001 5:47 AM
> To: [EMAIL PROTECTED]
> Subject: [IMail Forum] Blackmail by hacker
>
> Hello. I'm being blackmailed by a user who claims he has gained
> unauthorized
> access to other users' accounts. I'm running IMail 6.06 with
> the user db
> in
> MSSQL 7. Am also running IIS5 on the same server. Any ideas
> on how I can
> track down potential security holes?
>
> Thanks,
>
> Kyrre
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
