From owner-freebsd-security@FreeBSD.ORG Wed Jun 6 13:18:01 2007 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C101F16A46E for ; Wed, 6 Jun 2007 13:18:01 +0000 (UTC) (envelope-from fabian@wenks.ch) Received: from batman.home4u.ch (batman1.home4u.ch [217.8.211.226]) by mx1.freebsd.org (Postfix) with ESMTP id 48CFE13C45D for ; Wed, 6 Jun 2007 13:18:00 +0000 (UTC) (envelope-from fabian@wenks.ch) Received: from [IPv6:2002:3e02:55b4:2:20a:95ff:fe8f:6586] (flashback.wenks.ch [IPv6:2002:3e02:55b4:2:20a:95ff:fe8f:6586]) (authenticated bits=0) by batman.home4u.ch (8.13.1/8.13.1) with ESMTP id l56Ch2CA052538 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 6 Jun 2007 14:43:03 +0200 (CEST) (envelope-from fabian@wenks.ch) Message-ID: <4666ABD1.2070100@wenks.ch> Date: Wed, 06 Jun 2007 14:42:57 +0200 From: Fabian Wenk User-Agent: Thunderbird 1.5.0.12 (Macintosh/20070509) MIME-Version: 1.0 To: sam garcia , freebsd-security@freebsd.org References: <8F450BE3-0112-1000-9274-4404BC5B0C5D-Webmail-10013@mac.com> <59856.194.74.82.3.1180938612.squirrel@galain.elvandar.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new Cc: remko@elvandar.org Subject: Re: security weakness X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2007 13:18:01 -0000 Hello Sam Is this computer running FreeBSD or Mac OS X? If a computer does answer ICMP PING requests, then this is not a security problem. Even if turned off this will not really help in protecting it from abuse (if there are ways to do it). Do you run a mailserver on the computer which tiscali spotted as a source of spam? If not and this is just your desktop computer, then something else (eg. a program) running on your computer does send out spam. This could happen through several methods. If your computer could have been infected by a virus (or could have a break in), then it would be a good idea to do a fresh install from the install CD/DVD. To keep your computer secure you should install all available security updates for the Operating System and also for all installed applications. It is also highly recommended to have good passwords for the accounts on the computer. Did you install or enable any applications / services which run as a server and can be reached from the whole internet? Could this be abused because of a missing or weak password? This are just some hints to check out. I can not really help you any further, as this is to time consuming to do with a computer novice and without direct access to your computer. It would be better if you get some professional computer support in your area, which could be able to find the real source of your problem with the sending out of spam. bye Fabian