| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Malicious Hackers and Spam, Part 2 I discovered that a spammer was using the client's server to relay spam. Although the server wasn't an open relay, the spammer was somehow authenticating to the server to send messages. My first concern was to prevent the spammer from sending more messages. I disconnected the firewall from the Internet and deleted all the sessions. I tried to use the Exchange System Manager (ESM) to delete the messages from the queues, but the process was taking a long time. I stopped all the Exchange services, opened a command prompt, and deleted the messages from the directory D:exchsrvrmailrootvsi 1queue. Stopping the Exchange services greatly improved the server performance, but more than 10,000 messages were waiting in various queues, so even using the command prompt to delete the messages took more than an hour.
02/17/2004
|
|
Malicious Hackers and Spam, Part 1 Sugano tells how the spammer managed to send messages through the server, and how he stopped the spam.
02/17/2004
|
|
Page: 12 3 |
