Loading ...
Sorry, an error occurred while loading the content.
 

Re: Server found while in construction - beware

Expand Messages
  • Reindl Harald
    ... ah hinet.net - as far as i remember this is the asian large crap provider where you get FIVE biubces as response to a abuse-mail and i temprary blocked
    Message 1 of 2 , Feb 27, 2013
      Am 27.02.2013 22:08, schrieb Robert Moskowitz:
      > Lesson here about how open you make a new server while under construction. Fortunately for me, my first step
      > before starting postfix was to apply my 'recipe' of postconf commands? Anyway the system is publicly addressed,
      > but on a different subnet than the production box it will replace. I am running this way, as this time if all goes
      > right (and this is my 5th build test), I drain the old box, change the addresses on this new one and swap them out.
      >
      > Public DNS for this is its IPaddr.domain so it shows how the robots look for any working address with port 25
      > available:
      >
      > 36-231-85-78.dynamic-ip.hinet.net[36.231.85.78]: 554 5.7.1 <111@...>: Relay access denied;
      > from=<amd2@...> to=<111@...> proto=SMTP helo=<208.83.67.180>
      > Feb 27 03:57:24 klovia postfix/smtpd[7677]: lost connection after RCPT from
      > 36-231-85-78.dynamic-ip.hinet.net[36.231.85.78]

      ah "hinet.net" - as far as i remember this is the asian large
      crap provider where you get FIVE biubces as response to a
      abuse-mail and i temprary blocked aroubd 1 Mio. IP addresses
      from them in iptables

      in fact, what you are showing is the sad truth

      making any machine public and not secured and it may lead
      to intrusions within minutes or sometimes seconds, that
      is why all the "but who is interested in me" carells hobbiests
      are completly wrong

      nearly ten years ago a simple test and 10 years ago was virtually
      notihing compared to now in context of attacks and intrusions

      * samba on the WAN
      * a completly fresh ip-address
      * guest account enabled
      * voila, a collection of all known and unknown malwares from a to z in the share
      * timeframe: 10 minutes up to an hour
    Your message has been successfully submitted and would be delivered to recipients shortly.