Jump to content

beach200

Members
  • Posts

    11
  • Joined

  • Last visited

beach200's Achievements

Rookie

Rookie (2/14)

  • First Post
  • Collaborator
  • Conversation Starter
  • Week One Done
  • One Month Later

Recent Badges

0

Reputation

  1. Using https, it seems it is very easy to find out the server details etc etc from the default screen which displays. But this is the exact information which is nobody's business and is hidden by using error pages in a standard http url. So the question is this: if I can't redirect away from that https page on a shared server, is it possible to have the page changed (presumably by you) so the server information and the other technical details are no longer shown? In other words, a more professional looking page should be returned. Ideally - in my opinion - a blank page. Thanks for your input.
  2. We have been with TCH for a long time, and this is the first time a serious issue has affected us.. We have 2 severs with TCH, and this morning I noticed a worrying, apparent breach. On both servers, an index.html file was compromised and references to a rogue site added. Exact addtion was '..thebettings.cn:8080/ts/in.cgi?pepsi54..' (This URL is reffered to on a malware registration site.) We are checking to make sure this didn't originate from here, and so far, all the indications are that these files were somehow added in-situ on the server. Has anyone else seen this problem? Thanks
  3. Can you provide a realistic estimate of the expected down time for each server during this upgrade?
  4. This fits even more closely with the evidence! I guess the initial question is solved. Tks
  5. Got a good reply from Rick via a ticket. As Andy says the process of checking the pop3 server via OutLook performs authentication which remains on the server for some time (x minutes). This fits prefectly with the evidence. It seems that if you read the pop3 server, and then use any technique to send via the smtp server (within x minutes), you can get a free ride. If this is so, my scepticism seems to be justified.
  6. Yes, the SMTP is with TCH (the best). Using OutLook Exp, after a reboot of Win XP, I don't need authentication. So presumably, no one else does either.
  7. It would seem from where I sit, that I have an outgoing smtp server which doesn't require authentication. I can test this simply thru MS OutLook. This seems to permit use of this outgoing server by anyone. Is this possible? What am I missing here?
  8. Thanks for the welcome and info. I am still not entirely convinced. I will search for some evidence of the issue.
  9. Have I got this right? Any person anywhere can set their outgoing SMTP server to my SMTP server and thereby send mail physically thru my account. If this is so, is there something I can do to prevent this? Any assistance here is appreciated. Tks
×
×
  • Create New...