trivalent
asked on
Exchange 2000 Server compromised?
Hi -
When troubleshooting an on-and-off blacklisting issue for one of our clients, I habitually looked at the 'Allowed IPs' in the ESM. What blew my mind was when I found an external IP listed - 75.126.45.162.
Once I removed the IP address, as you may guess the IP address was delisted the same day.
To me, there isn't any logical reason it would be there other than someone purposely placing it there. But why? Puzzling.
It's running on Windows 2000 Sp4
Exchange Server 2000 Sp3
Trend Micro A/V
Ideas?
When troubleshooting an on-and-off blacklisting issue for one of our clients, I habitually looked at the 'Allowed IPs' in the ESM. What blew my mind was when I found an external IP listed - 75.126.45.162.
Once I removed the IP address, as you may guess the IP address was delisted the same day.
To me, there isn't any logical reason it would be there other than someone purposely placing it there. But why? Puzzling.
It's running on Windows 2000 Sp4
Exchange Server 2000 Sp3
Trend Micro A/V
Ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER