dcsimg
Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: How do I handle this...

  1. #11
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,123
    My suggestion is to walk away...
    I have to agree with this. Tell your main admin and let him handle it. Your port scanning from the outside, with out the admin's permission or knowledge is going to do one of two things; piss your admin off cause he thinks he is being attacked, or cause your IDS system to kick in and shut down every outside port (depending on the ids level of course), going into "protection" type status, which will also piss off your admin.

    You are going down a road that will most likly end up with you being fired.

    You have had fair warning. We (sys admins) don't like when asshats that work for the company take it upon themselves to start doing penetration testing. Personally this is grounds for immediate firing if I ever catch anyone doing this, and I have caught people both inside the network and outside the network trying this over the years. They no longer work for us.

    -xmad

  2. #12
    Junior Member
    Join Date
    Aug 2005
    Posts
    18

    yea... just walk away.

    Sadly I can see the wisdom with the advice to forget about it....

    I'm not seeing the big picture here. More then likely they already know about the security breach. I'm gonna focus more on learning C.

    Thanks for the advice.

    FN

  3. #13
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    More then likely they already know about the security breach. I'm gonna focus more on learning C.
    Perhaps you should learn a bit more about your infrastructure and the nature of your industry? I would also recommend systems and process analysis.

    You really should start with the problem as it is visualised by your "customers", then work backwards. The problem in this case is spam, and it is coming from your Exchange Server.

    This raises a number of questions:

    1. Is the origin outside your infrastructure?
    2. What is the content of the spam?
    3. To whom is it addressed?

    I too support hotels, and I can tell you that they are absolute magnets for spam. That is because they are totally promiscuous with their e-mail addresses, and get picked up by spambot harvesters.

    The general solution to this is to implement spam filtering, preferably at the server side of the infrastructure.

    Whilst having port 4444 open might not be a good idea, it is not the cause of the much more general problem of spam.

    As some of my fellow members have suggested, if you go to the server Admin and tell him that port 4444 is open he will probably not be best pleased. On the other hand, if you go to him and tell him that HIS server is spewing spam to YOUR customers and they are p1$$ed about it............ it is a completely different matter.

    Trust me, you will learn to love the politics

  4. #14
    Junior Member
    Join Date
    Aug 2005
    Posts
    18

    That was....

    The sound of a hammer hitting a nail on the head.

    thanks nihil

    FN

  5. #15
    Senior Member wolfman1984's Avatar
    Join Date
    Aug 2007
    Location
    fangtastic.org
    Posts
    191
    You may not have to walk away just yet. The Wolfman agree's that nmap may be intrusive and trigger your IDS, which in turn will leave your admin with-out a groove and less funktified.

    A simple test that may identify the service on port 4444 is telnet.

    Code:
    telnet 127.0.0.1 4444
    You can also try http

    Code:
    http://127.0.0.1:4444
    If the service is offering a banner, or web service, the above techniques may identify the unknown service.

    I AM THE WOLFMAN!
    I AM... THE WOLFMAN!!
    The Wolfman's Homepage: http://www.fangtastic.org
    Do you dig the Wolfman?? Sign his Ghoulbook or listen to him Howl

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Hacker Handle Generator
    By MrLinus in forum Tech Humor
    Replies: 36
    Last Post: May 28th, 2004, 08:51 AM
  3. Change Handle (Username)
    By Trust_Not_123 in forum Site Feedback/Questions/Suggestions
    Replies: 16
    Last Post: May 6th, 2003, 04:46 PM
  4. 80x86 Assembly with Masm: Tutorial IV
    By Cheeseball in forum Other Tutorials Forum
    Replies: 10
    Last Post: January 9th, 2003, 03:39 PM
  5. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •