Re: Everything gone!

• Next message: Trammell Hudson: "Re: initramfs fails for medium sized cpio archives"
• Previous message: Joshua Kwan: "Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link"
• In reply to: Richard B. Johnson: "Re: Everything gone!"
• Next in thread: James H. Cloos Jr.: "Re: Everything gone!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 19, 2003 at 01:12:49PM -0500, Richard B. Johnson wrote:
> > > Perhaps:
> > >
> > > telnet target.system 25
> > > enter SMTP commands
> > > quit
> >
> > Normaly that would record the IP of the host doing the telnet.
> > (the first "Recieved: from" line in the log list where the original says
> > "Received: from localhost"....)
>
> Yes. I just looked at maillog on that machine and all I had was
> the 'evidence' of me screwing with it to see. Apparently it wasn't
> used for forwarding mail as I thought.

Well, a nice way to do this is: (probably not syntactically correct..)

router# iptables -t nat -A PREROUTING -i lan0 -p tcp ! -s
local.netework/12 -d ip.of.lan0 --dport 25 -j DROP

Depending on how your network is set up, this may or may not work... my
server box itself is masq'd so this works nicely on my network.

Regards,
Josh

-- 
New PGP public key: 0x27AFC3EE

• application/pgp-signature attachment: stored

• Next message: Trammell Hudson: "Re: initramfs fails for medium sized cpio archives"
• Previous message: Joshua Kwan: "Re: Kernels 2.2 and 2.4 exploit (ALL VERSION WHAT I HAVE TESTED UNTILL NOW!) - removed link"
• In reply to: Richard B. Johnson: "Re: Everything gone!"
• Next in thread: James H. Cloos Jr.: "Re: Everything gone!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:29 EST