On Thursday 08 December 2005 12:05, michael@interobj.com wrote:
Please help!. I am a newbie in the UNIX world and I am assigned to maintain a Suse Linux Professional 7.3 box which hosts our company mail server and website. I came to find out that it seem we have been hacked, this box is exploited and emails are being sent to outside world without our knowledge, can someone tell me where I can find security patches for this version if suse.
Are you sure the box was hacked an not just setup as a relay? If you don't properly configure postfix (I think that's what the mail daemon is called), it will act as a relay. What this means, is that people can point to your server as the mail server to send there emails. Read up on your mail server daemon (again, I think it's postfix) and turn off the relay option. Also, look into the iptables (firewall) documentation and block outside IPs from using port 25 (SMTP) - if you are using SMTP. After all that is done, start the process (research, downtime estimation, etc.) of how that server should be upgraded. Welcome to the SysAdmin world! Alvin -- Please reply to the mailing list.