Date: Tue, 14 Jul 1998 09:10:10 +0930 (CST) From: Mark Newton <newton@camtech.com.au> To: ludwigp@bigfoot.com (Ludwig Pummer) Cc: stealth@sanet.ge, freebsd-security@FreeBSD.ORG Subject: Re: Question... Message-ID: <199807132340.JAA21739@frenzy.ct> In-Reply-To: <3.0.3.32.19980713104816.03203d78@mail.plstn1.sfba.home.com> from Ludwig Pummer at "Jul 13, 98 10:48:16 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Ludwig Pummer wrote:
> >tcp 0 0 access.pop3 ppp170-tc3.1658 TIME_WAIT
> >tcp 0 87 access.smtp egeo.unipg.it.4930 ESTABLISHED
> >tcp 0 169 access.smtp ARMINCO.COM.51685 ESTABLISHED
> >tcp 0 0 access.3314 192.168.1.2.smtp SYN_SENT
> > ^^^^^^^^^^^^^^^^
> >tcp 0 0 access.smtp interfuture.com.3509 TIME_WAIT
> >
> >I haven't any proxy server installed on my system or something look like
> >it. Strange why in my system i see this IP ? What is it ?
>
> My guess is someone either a) has an incorrectly set firewall/proxy gateway
> system or b) is trying to hack/break your machine
That's a bit extreme: His machine is making an *outbound* SMTP connection
to a host that doesn't appear to be answering. Could it be that someone
has simply misaddressed some email?
Use the "mailq" (or "sendmail -bp") command to see what's stuck in
your mail queue.
- mark
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807132340.JAA21739>