Hello Remko: sorry to bother you again,after e mailing freebsd-security@FreeBSD.org mailing list, got a reply by the list moderator rejecting my message,stating that there is no valid message from that address,sugesting yet another email address, it doubts the authenticity of your recomendation Remko, you sugested I should look into securing my emailserver installation by preventing unauthorized access. you are of the opinion that ICMP PING is not the cause of spam mailrelaying. could I ask you if my Apple mac is any risk due to the PING portal being open? if so would you advice me on what to do? Thanks again. Sam On Sunday, June 03, 2007, at 11:30PM, "Remko Lodder" <remko@elvandar.org> wrote:>Hello Sam, > >First of all thank you for taking the time to email the FreeBSD >Security Team. I feel however that this is not the right place >to help you out here. I think you are better of on the >freebsd-security@FreeBSD.org mailinglist instead of the Security Team. > >That said: If your email server was being abused by someone you >need to look into securing your email server installation by >preventing unauthorized access (only relay for domains that >you own and are authorative for, deny the rest), ICMP PING is >most likely (in my opinion) not the cause of your server being >abused of spam mail relaying. > >Goodluck resolving this issue! > >On Fri, June 1, 2007 5:23 pm, sam garcia wrote: >> hello secteam:would like to report a security weakness spotted in a >> security check by my broadband server tiscali. >> security was prompted by inability to send new mails through tiscali mail >> system,had to change password with them,caused by feed back from cantv.com >> ,it informed me that my email was used to send junk mail through tiscali . >> security check spotted the icmp,ping portal open to hackers, as i am >> novice in computers ,would like to ask your advice, please could you help? >> many thanks. >> sam garcia > > >-- >Kind regards, > > Remko Lodder ** remko@elvandar.org > FreeBSD ** remko@FreeBSD.org > > /* Quis custodiet ipsos custodes */ > > >
Hello Sam Is this computer running FreeBSD or Mac OS X? If a computer does answer ICMP PING requests, then this is not a security problem. Even if turned off this will not really help in protecting it from abuse (if there are ways to do it). Do you run a mailserver on the computer which tiscali spotted as a source of spam? If not and this is just your desktop computer, then something else (eg. a program) running on your computer does send out spam. This could happen through several methods. If your computer could have been infected by a virus (or could have a break in), then it would be a good idea to do a fresh install from the install CD/DVD. To keep your computer secure you should install all available security updates for the Operating System and also for all installed applications. It is also highly recommended to have good passwords for the accounts on the computer. Did you install or enable any applications / services which run as a server and can be reached from the whole internet? Could this be abused because of a missing or weak password? This are just some hints to check out. I can not really help you any further, as this is to time consuming to do with a computer novice and without direct access to your computer. It would be better if you get some professional computer support in your area, which could be able to find the real source of your problem with the sending out of spam. bye Fabian
sam garcia <samgarcia.mac.com@mac.com> writes:> Hello Remko: sorry to bother you again,after e mailing > freebsd-security@FreeBSD.org mailing list, got a reply by the list > moderator rejecting my message,stating that there is no valid message > from that address,sugesting yet another email address, it doubts the > authenticity of your recomendationNo, Remko was correct. However, freebsd-security is moderated, and only subscribers may post there.> Remko, you sugested I should look into securing my emailserver > installation by preventing unauthorized access. you are of the > opinion that ICMP PING is not the cause of spam mailrelaying. could I > ask you if my Apple mac is any risk due to the PING portal being open? > if so would you advice me on what to do?I don't know what you mean by "PING portal", but no, ICMP echo request / reply messages can not normally be used to relay spam. In any case, your question has nothing to do with FreeBSD. If you suspect a security problem with your Mac, I suggest you contact Apple or a Mac users forum. DES -- Dag-Erling Sm?rgrav - des@des.no