System Hacked
From: malik malik (subscribejai_at_yahoo.co.uk)
Date: 08/22/03
- Previous message: Ansgar Wiechers: "Re: CSMA/CD"
- Next in thread: Dave Killion: "RE: System Hacked"
- Maybe reply: Dave Killion: "RE: System Hacked"
- Maybe reply: Vladimir Moushkov: "RE: System Hacked"
- Maybe reply: H Carvey: "Re: System Hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 22 Aug 2003 09:14:41 +0100 (BST) To: security-basics@securityfocus.com
hi,
Someone hacked my system.I have SMTP/POP3 running on
Win XP and working on a LAN and have given permission
that any one on my LAN can create account.
Lastday someone created account and i got the message
of new account creation and when i checked i found
that he was trying mutiple SMTP connections TO&FROM
fake id. i got his ip.
When i checked the logs from Eventviewer i found that
Administrator loggedin twice from two different ip
using the tlntsvr.exe service thts why i am thinking
that the ip was fake.
Is there any way i can find out how he got access and
how he entered through tht SMTP port and the history
tht wht he did on getting the cmd prompt or any other
tracing trick.
thanks,
jai
________________________________________________________________________
Want to chat instantly with your online friends? Get the FREE Yahoo!
Messenger http://uk.messenger.yahoo.com/
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Ansgar Wiechers: "Re: CSMA/CD"
- Next in thread: Dave Killion: "RE: System Hacked"
- Maybe reply: Dave Killion: "RE: System Hacked"
- Maybe reply: Vladimir Moushkov: "RE: System Hacked"
- Maybe reply: H Carvey: "Re: System Hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
