Mendoza Bazan, Luis - (Per) wrote:
> Hi,
>
> I have an iPlanet server that work as email server. This server has the
> following services enabled: SMTP, POP3 and HTTP. We detect the evidence that
> is in the files attached. If you know some advice or workaround about this,
> it will be welcome.
> We are searching in Sun some info but cannot find it.
Well Luis, it looks like you have a publicly accessible proxy server and
somebody is attempting to use it to get their porn. I would recommend
that you either disable the proxy or configure access controls on it
that restricts its use. You should also be aware that when you post
sniffer traces the IP address a.b.c.55 that you were trying to obfuscate
shows up in there in hexadecimal (c80e f137) unless you also obfuscate
it. I can't imagine that your customer or employer would be happy that
you have advertised that information on a public mailing list.
-paul
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Apr 11 2002
Intro
