Am 27.02.2013 22:08, schrieb Robert Moskowitz: > Lesson here about how open you make a new server while under construction. > Fortunately for me, my first step > before starting postfix was to apply my 'recipe' of postconf commands? > Anyway the system is publicly addressed, > but on a different subnet than the production box it will replace. I am > running this way, as this time if all goes > right (and this is my 5th build test), I drain the old box, change the > addresses on this new one and swap them out. > > Public DNS for this is its IPaddr.domain so it shows how the robots look for > any working address with port 25 > available: > > 36-231-85-78.dynamic-ip.hinet.net[36.231.85.78]: 554 5.7.1 <1...@k888.tw>: > Relay access denied; > from=<a...@hotmail.com> to=<1...@k888.tw> proto=SMTP helo=<208.83.67.180> > Feb 27 03:57:24 klovia postfix/smtpd[7677]: lost connection after RCPT from > 36-231-85-78.dynamic-ip.hinet.net[36.231.85.78]
ah "hinet.net" - as far as i remember this is the asian large crap provider where you get FIVE biubces as response to a abuse-mail and i temprary blocked aroubd 1 Mio. IP addresses from them in iptables in fact, what you are showing is the sad truth making any machine public and not secured and it may lead to intrusions within minutes or sometimes seconds, that is why all the "but who is interested in me" carells hobbiests are completly wrong nearly ten years ago a simple test and 10 years ago was virtually notihing compared to now in context of attacks and intrusions * samba on the WAN * a completly fresh ip-address * guest account enabled * voila, a collection of all known and unknown malwares from a to z in the share * timeframe: 10 minutes up to an hour
signature.asc
Description: OpenPGP digital signature
