Kelvin Ng rearranged electrons thusly:
> Does somebody heard about ELITE ? I suspect my
> linux system being misused by unauthorise person.
> Truely speaking , I don't what ELITE is . When I do
> port scanning , I saw ELITE listen on port 3333 /TCP,
Report the portscan to the ISP from which the portscan came from ...
And are you running a cc:mail / lotus notes server anywhere?
ccmail 3264/udp cc:mail/lotusdec-notes
3333/tcp DEC Notes
dec-notes 3333/udp DEC Notes
If that's the case, keep it behind a firewall and deny access to that port from
the outside world. Use sendmail or something as a smarthost for that ccmail
box.
> Another issue is my mail server has been misused
> to relay to internet . How do I configure anti mail
> relay .
http://www.mail-abuse.org/tsi/ar-fix.html
> If somebody log into my system , how do I know
> what he or she doing ?and who is loggin to my system?
http://www.attrition.org and others have FAQs.
> I appreciate somebody could advise me how to
> strengten the security against the threat ,and give
> recommended web site should visit to read on more
> about the security .
Not one single site - lots of them. securityfocus.com would do for a (very
big) start. Simple thing to do - just read Raju's 'security update' posts on
lih and instantly apply those security patches, upgrade your servers to the
latest versions of whatever (sendmail, bind, etc etc). Shut down those
services you dont need. Run the gshield script from http://www.linuxmafia.org
to set up a (paranoid) ipchains firewall.
Lastly, get yourself an admin who knows about security issues.
--
Suresh Ramasubramanian + mallet<@>efn.org
You spamma my mailbox, I nukea da ass
----------------------------------------------
LIH is all for free speech. But it was created
for a purpose. Violations of the rules of
this list will result in stern action.
