Early Retirement & Financial Independence Community - View Single Post

Marshac · 03-04-2006, 02:07 AM

if your mail server only communicates with clients on the local subnet, then why would spoofing a DNS entry matter? Maybe Laurence can fill me in

So far my server ('kitchen'... what are you cooking?) hasn't been hax0red yet.... it's running Win2k3, Exchange 2k3, and BlueDragon (ColdFusion/JSP...none of that PHP for me....bleh)

Ever try tripwire?

I know that as soon as I hit the post button, the security log on my server will fill up

Edit: is your network at your house (ie: 100% yours), or is it shared with other people? perhaps someone poisoned your ARP table and performed a man-in-the-middle attack? Just a thought

03-04-2006, 02:07 AM	#4
Marshac Full time employment: Posting here. Join Date: Aug 2004 Posts: 907	if your mail server only communicates with clients on the local subnet, then why would spoofing a DNS entry matter? Maybe Laurence can fill me in So far my server ('kitchen'... what are you cooking?) hasn't been hax0red yet.... it's running Win2k3, Exchange 2k3, and BlueDragon (ColdFusion/JSP...none of that PHP for me....bleh) Ever try tripwire? I know that as soon as I hit the post button, the security log on my server will fill up Edit: is your network at your house (ie: 100% yours), or is it shared with other people? perhaps someone poisoned your ARP table and performed a man-in-the-middle attack? Just a thought