Re: Suspected Intruder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Suspected Intruder
From: Nathaniel Hall <halln@xxxxxxx>
Date: Thu, 06 Jan 2005 09:51:44 -0600
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
Organization: Ozarks Technical Community College
References: <[email protected]>
Reply-to: halln@xxxxxxx, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Just because you get notices from daemon because an e-mail bounced does not necessarily mean that the machine has been compromised. A lot of the time this is caused by spammers or viruses that spoof the from or reply-to e-mail address.

Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln@xxxxxxx
417-447-7535

Don Flinn wrote:

I suspect that an intruder may be using my node to send e-mail, because
I have received some notices from my e-mail daemon that such and such
was not available when I never sent e-mail to that person/address.

How do I check if someone is logged in/using my machine?  I'm running
FC3.

Don

References:
- Suspected Intruder
  - From: Don Flinn

Prev by Date: Re: ATrpms Real Issues
Next by Date: Kernel sources script
Previous by thread: Re: Suspected Intruder
Next by thread: Re: Suspected Intruder
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]