I also would recommend migrating over to Qmail instead of Sendmail (Sendmail has got to be one of the worst programs ever, I think, in regards to security--though it can be fairly well secured for the most part, provided you keep up to date on patches), and migrate from BIND to tinydns/djbdns. Both Qmail and djbdns have never had any exploits for all these years, and both Sendmail and BIND have had many. They are just coded so much better. -- Regards, Tim Greer [EMAIL PROTECTED] Server administration, security, programming, consulting.
----- Original Message ----- From: "Carpio, Brian" <[EMAIL PROTECTED]> To: "Linux Security <[EMAIL PROTECTED]>" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, June 30, 2003 2:42 PM Subject: RE: Hack? The loophole could be your version of sendmail and / or bind... these are VERY vulnerable services... you need to upgrade or patch them. -----Original Message----- From: Linux Security <[EMAIL PROTECTED]> [mailto:[EMAIL PROTECTED] Sent: Friday, June 27, 2003 10:06 PM To: [EMAIL PROTECTED] Subject: Hack? Hello all, My redhat 7.2 is getting hacked very frequently even i got a firewall.appended bellow is the nmap output. What may be the loophole? % nmap -sA 202.xxx.xxx.xxx Initiating ACK Scan against isp.com () The ACK Scan took 275 seconds to scan 1542 ports. Interesting ports on isp.com (): (The 1538 ports scanned but not shown below are in state: filtered) Port State Service 25/tcp UNfiltered smtp 53/tcp UNfiltered domain 80/tcp UNfiltered http 443/tcp UNfiltered https Thanks in advance, A.Johnson --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
