Mailinglist Archive: opensuse (4165 mails)
| < Previous | Next > |
Re: [SLE] Help - Been Hacked!!
- From: "Matt Stamm" <suselist@xxxxxxxxx>
- Date: Wed, 23 Apr 103 07:42:21 PDT
- Message-id: <200304230742555.SM02380@xxxxxxxxx>
---------- Original Message
----------------------------------
From: Anders Johansson <andjoh@xxxxxxxxxx>
Date: 23 Apr 2003 00:18:31 +0200
>On Wed, 2003-04-23 at 00:16, Jim Norton wrote:
>>
>> Maybe you could see what is going into the
outbound queues? Maybe the payload
>> will tell something about whats going on?
>
>My guess is that it's most likely cron trying to
send mail to root about
>some problem.
>
>But that doesn't explain how red hat's version of
sendmail get on there
Anders,
Just before sendmail took over I have the
following log mesesage in the "mail" log. These
occurred every hour about 3 days before sendmail
got installed and Samba went down...
Apr 17 19:00:02 linux postfix/pickup[22949]:
3416B17921: uid=0 from=<root>
Apr 17 19:00:02 linux postfix/cleanup[4787]:
3416B17921:
message-id=<20030417230001.3416B17921@xxxxxxxxxxxxxxxxxxxxxxx>
Apr 17 19:00:02 linux postfix/qmgr[782]:
3416B17921: from=<root@xxxxxxxxxxxxxxxxxxxxxxx>,
size=321, nrcpt=1 (queue active)
Apr 17 19:00:03 linux postfix/smtp[4790]:
3416B17921: to=<netanalize@xxxxxxxxx>,
relay=mx2.mail.yahoo.com[64.156.215.5], delay=2,
status=sent (250 ok dirdel)
Do these mean anything to anyone??
>
>
>--
>Check the headers for your unsubscription address
>For additional commands send e-mail to
suse-linux-e-help@xxxxxxxx
>Also check the archives at http://lists.suse.com
>Please read the FAQs: suse-linux-e-faq@xxxxxxxx
>
>
>
----------------------------------
From: Anders Johansson <andjoh@xxxxxxxxxx>
Date: 23 Apr 2003 00:18:31 +0200
>On Wed, 2003-04-23 at 00:16, Jim Norton wrote:
>>
>> Maybe you could see what is going into the
outbound queues? Maybe the payload
>> will tell something about whats going on?
>
>My guess is that it's most likely cron trying to
send mail to root about
>some problem.
>
>But that doesn't explain how red hat's version of
sendmail get on there
Anders,
Just before sendmail took over I have the
following log mesesage in the "mail" log. These
occurred every hour about 3 days before sendmail
got installed and Samba went down...
Apr 17 19:00:02 linux postfix/pickup[22949]:
3416B17921: uid=0 from=<root>
Apr 17 19:00:02 linux postfix/cleanup[4787]:
3416B17921:
message-id=<20030417230001.3416B17921@xxxxxxxxxxxxxxxxxxxxxxx>
Apr 17 19:00:02 linux postfix/qmgr[782]:
3416B17921: from=<root@xxxxxxxxxxxxxxxxxxxxxxx>,
size=321, nrcpt=1 (queue active)
Apr 17 19:00:03 linux postfix/smtp[4790]:
3416B17921: to=<netanalize@xxxxxxxxx>,
relay=mx2.mail.yahoo.com[64.156.215.5], delay=2,
status=sent (250 ok dirdel)
Do these mean anything to anyone??
>
>
>--
>Check the headers for your unsubscription address
>For additional commands send e-mail to
suse-linux-e-help@xxxxxxxx
>Also check the archives at http://lists.suse.com
>Please read the FAQs: suse-linux-e-faq@xxxxxxxx
>
>
>
| < Previous | Next > |