11-26-2008
netstat -na | grep 587
This should tell you all connections on the saslauthd. If they are the same ip address you can just block it. If they are different you might have to make a script or something to block them.
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP.
I've looked into Snort, but I was wondering if there was an application level firewall that can... (1 Reply)
Discussion started by: nitin
1 Replies
2. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
3. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
4. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
5. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
6. Cybersecurity
How to protect DDoS and brute force attack.
I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies
7. Shell Programming and Scripting
I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this:
#!/usr/local/bin/expect
set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies
8. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
smtp(n) smtp client smtp(n)
NAME
smtp - Client-side tcl implementation of the smtp protocol
SYNOPSIS
package require Tcl
package require mime ?1.3.2?
package require smtp ?1.3.2?
::smtp::sendmessage token option...
DESCRIPTION
The smtp library package provides the client side of the smtp protocol.
::smtp::sendmessage token option...
This command sends the MIME part (see package mime) represented by token to an SMTP server. options is a list of options and their
associated values. The recognized options are:
-servers
A list of SMTP servers. The default is localhost.
-ports A list of SMTP ports. The default is 25.
-queue Indicates that the SMTP server should be asked to queue the message for later processing. A boolean value.
-atleastone
Indicates that the SMTP server must find at least one recipient acceptable for the message to be sent. A boolean value.
-originator
A string containing an 822-style address specification. If present the header isn't examined for an originator address.
-recipients
A string containing one or more 822-style address specifications. If present the header isn't examined for recipient
addresses). If the string contains more than one address they will be separated by commas.
-header
A list of keywords and their values (may occur zero or more times).
If the -originator option is not present, the originator address is taken from From (or Resent-From); similarly, if the -recipients option
is not present, recipient addresses are taken from To, cc, and Bcc (or Resent-To, and so on). Note that the header key/values supplied by
the -header option (not those present in the MIME part) are consulted. Regardless, header key/values are added to the outgoing message as
necessary to ensure that a valid 822-style message is sent.
The command returns a list indicating which recipients were unacceptable to the SMTP server. Each element of the list is another list, con-
taining the address, an SMTP error code, and a textual diagnostic. Depending on the -atleastone option and the intended recipients, a non-
empty list may still indicate that the message was accepted by the server.
SEE ALSO
mime, pop3, ftp, http
KEYWORDS
mail, mail, email, smtp, mime, rfc821, rfc822, internet, net
mime 1.3.2 smtp(n)