IP Security - possible compromise
I previously had an airport extreme and last October changed to AirPort Extreme (802.11n). WHile the security on the previous Airport extreme was set, I have concerns about my current one.
Recently I found some e-mails rejected by servers, that lead me to find my IP on 6 blacklists for spam; while I don't send any bulk mails. I have a feeling my IP has been compromised. Does anyone have any ideas how to increase security on my AirPort Extreme (802.11n) ?
Any ideas welcome
Thank you
Steven
I changed the setting to WPA2 Personal but now my computer can't find the Airport Express or my network.
The following are the minimum requirements for a wireless client to access a WPA2 encrypted network:
For a Mac:
o An AirPort Extreme Card
o OS X 10.3.3+
o AirPort for Mac 4.2
o AirPort Utility 5.0
For a PC:
o Windows XP w/SP2
o AirPort for Windows 4.2
o A wireless adapter that supports AES encryption.
Any idea how to get back to my own network by connecting to my Airport Express?
Try temporarily connecting directly to the base station using an Ethernet patch cable between the base station & your Mac.
Similar Messages
-
Hi guys,
In the last week two photographs have appeared on my iPhone camera roll and the subsequently my photo stream, of which I have not taken or anyone else could not have possibly taken with my phone. The latest one, found this evening as my most recent photo, is of a man on an aeroplane.
I'm a bit spooked here for a couple of reasons:
1. Have I been hacked and the photos are the least of my worries?
2. Can this person/persons see my photographs?
I've used iPhoto on my mac to check the location of the photographs taken using the info facility; unfortunately the location is deemed 'unknown'.
I would love anyone's take on this and would appreciate someone from apple responding to this issue directly as it's clearly a potentially huge problem for iOS and mac users.
I've already taken the measure of changing my iCloud password but all the same would like some feedback here.
Thanks all,
Snoop84I write on this topic because I have an almost same incident.
Back in 2009, and this is important because there was no icloud and photo streams at that time, I found on the camera roll of my iphone 3G photos that do not belong to me!
I try to clarify this, and everybody reacted as I was crazy or had no idea about computers, phones etc. I wrote in a technology forum and got similar reactions. In fact I am a more than average experienced pc and phone user. I could also guarantee that nobody touched my phone.
The only explanation I had is that the photos were transferred through a wireless network in a cafe on my phone through some strange leak. But they were indeed not mine.
There are more than 10 photos of a woman (pretty normal photos, bad quality selfies etc, no naked guys) of a guy making some measurements in an apartment, of an IKEA furtinure (probably for the apartment before) etc. etc. Pretty realistic photos, by no means downloaded from the internet.
And nothing to do with me!
I imported some of them in iPhoto and checked the location. Some of them were taken in Munich (where I live), one (of the new apartment) very close to the cafe I was connected and, interestingly, some (the selfies of the woman) in Palo Alto, CA.
I still do not know what that could be, I still have the photos but unfortunately not the phone anymore.
I would be more than happy to hear that there was this or the other leak at that time, but still haven't found any convincing answer on the internet. -
Help diagnosing a possibly compromised iBook
This is a repost of a previous question, with (I believe) all domains and e-mail addresses replaced.
I recently received a message from the network manager at my workplace telling me that he'd logged a number of warning about spam related to my IP address. I'm concerned that my Mac may be compromised, and am hoping that someone can help me figure out what is going on and just how bad this is.
Rather than try to list all the things I've gone through in trying to diagnose the problem, I'm basically just going to put some snippets of the log files he e-mailed me, and then hopefully someone can guide me along in the diagnosis process.
This is from what seems to be a postfix log (my username is the username for company e-mail, companymailserver is the name of the mail server, and my.ip.address appears to be an IP address assigned to me while using my home ADSL connection). I live in Morocco, which explains the .ma extension.
Dec 6 12:44:05 companymailserver postfix/cleanup[5635]: 1576D61C263: message-id=<[email protected]>
Dec 6 12:44:05 companymailserver postfix/qmgr[2716]: 1576D61C263: from=<[email protected]>, size=6324, nrcpt=1 (queue active)
Dec 6 12:44:05 companymailserver clamsmtpd: 100060: [email protected], [email protected], status=CLEAN
Dec 6 12:44:05 companymailserver postfix/smtp[5899]: A671F61C165: to=<[email protected]>, relay=127.0.0.1[127.0.0.1], delay=11, status=sent (250 Ok: queued as 1576D61C263)
Dec 6 12:44:05 companymailserver postfix/qmgr[2716]: A671F61C165: removed
Dec 6 12:44:05 companymailserver postfix/smtpd[5901]: disconnect from companymailserver.my.company.dom.ain[127.0.0.1]
Dec 6 12:44:05 companymailserver postfix/local[5903]: 1576D61C263: to=<[email protected]>, relay=local, delay=0, status=bounced (cannot access mailbox /var/spool/mail/jdahhan for user jdahhan. error writing message: File too large)
Dec 6 12:44:05 companymailserver postfix/cleanup[5635]: 31B5561C165: message-id=<[email protected]>
Dec 6 12:44:05 companymailserver postfix/qmgr[2716]: 31B5561C165: from=, size=8245, nrcpt=1 (queue active)
Dec 6 12:44:05 companymailserver postfix/qmgr[2716]: 1576D61C263: removed
Dec 6 12:44:05 companymailserver postfix/smtpd[5626]: disconnect from 173.Red-80-59-103.staticIP.another.dom.ain[another.ip.address]
Dec 6 12:44:05 companymailserver imap-login: Login: vote2 [::ffff:127.0.0.1]
Dec 6 12:44:05 companymailserver imap-login: Login: vote2 [::ffff:127.0.0.1]
Dec 6 12:44:06 companymailserver pop3-login: Login: my_username [::ffff:my.ip.address]
Dec 6 12:44:08 companymailserver postfix/smtpd[5642]: connect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:08 companymailserver MailScanner[5913]: MailScanner E-Mail Virus Scanner version 4.45.4 starting...
Dec 6 12:44:08 companymailserver MailScanner[5913]: Read 204 hostnames from the phishing whitelist
Dec 6 12:44:09 companymailserver postfix/smtpd[5642]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<my.company.dom.ain>
Dec 6 12:44:09 companymailserver MailScanner[5913]: ClamAV Perl module not found, did you install it?
Dec 6 12:44:09 companymailserver postfix/smtpd[5642]: lost connection after RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:09 companymailserver postfix/smtpd[5642]: disconnect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:10 companymailserver postfix/smtpd[5631]: connect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:10 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:11 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:11 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:11 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:12 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:12 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:12 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:13 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:13 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:13 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:13 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:14 companymailserver imap-login: Login: vote2 [::ffff:127.0.0.1]
Dec 6 12:44:15 companymailserver postfix/smtpd[5626]: connect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:15 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:16 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:16 companymailserver postfix/smtpd[5626]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<my.company.dom.ain>
Dec 6 12:44:17 companymailserver postfix/smtp[5746]: connect to another.dom.ain[another.ip.address]: Connection timed out (port 25)
Dec 6 12:44:17 companymailserver postfix/smtpd[5626]: lost connection after RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:17 companymailserver postfix/smtpd[5626]: disconnect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:17 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:18 companymailserver postfix/smtp[5905]: 31B5561C165: to=<[email protected]>, relay=another.dom.ain[another.ip.address], delay=13, status=sent (250 2.0.0 jB6D56UQ008183 Message accepted for delivery)
Dec 6 12:44:18 companymailserver postfix/qmgr[2716]: 31B5561C165: removed
Dec 6 12:44:19 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:19 companymailserver imap-login: Login: vote2 [::ffff:127.0.0.1]
Dec 6 12:44:19 companymailserver MailScanner[5919]: MailScanner E-Mail Virus Scanner version 4.45.4 starting...
Dec 6 12:44:19 companymailserver MailScanner[5919]: Read 204 hostnames from the phishing whitelist
Dec 6 12:44:20 companymailserver MailScanner[5919]: ClamAV Perl module not found, did you install it?
Dec 6 12:44:20 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:22 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:24 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:26 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:27 companymailserver imap-login: Login: vote2 [::ffff:127.0.0.1]
Dec 6 12:44:28 companymailserver postfix/smtpd[5631]: NOQUEUE: reject: RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<emyyhcd.fr>
Dec 6 12:44:29 companymailserver pop3-login: Login: kfethi [::ffff:another.ip.address]
Dec 6 12:44:30 companymailserver postfix/smtpd[5631]: too many errors after RCPT from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:30 companymailserver postfix/smtpd[5631]: disconnect from adsl196-160-195-206-196.adsl196-7.another.dom.ain.ma[my.ip.address]
Dec 6 12:44:30 companymailserver MailScanner[5927]: MailScanner E-Mail Virus Scanner version 4.45.4 starting...
Dec 6 12:44:30 companymailserver MailScanner[5927]: Read 204 hostnames from the phishing whitelist
The following appears to be the anatomy of a sample spam message:
Bodystructure
Entity Content-Type Name Encoding
1
TEXT/PLAIN
2
message/delivery
3
text/rfc822
RFC822 Message body
Return-Path:
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from casmail.my.company.dom.ain (casmail.my.company.dom.ain [127.0.0.1])
by casmail.my.company.dom.ain (Microsoft Exchange 2005) with ESMTP id 48BC361C263
for <[email protected]>; Tue, 6 Dec 2005 20:51:48 +0000 (WET)
Received: from flmx03.mgw.another.dom.ain (flmx03.mgw.another.dom.ain [65.32.1.50])
by casmail.my.company.dom.ain (Microsoft Exchange 2005) with ESMTP id 3799F61C165
for <[email protected]>; Tue, 6 Dec 2005 20:51:45 +0000 (WET)
Received: from localhost (localhost)
by flmx03.mgw.another.dom.ain (8.12.10/8.12.8) id jB6LCfg1006731;
Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
From: Mail Delivery Subsystem <[email protected]>
Message-Id: <[email protected]>
To: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="jB6LCfg1006731.1133903561/flmx03.mgw.another.dom.ain"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
X-Virus-Scanned: ClamAV using ClamSMTP
Status: RO
Content-Length: 23240
X-UID: 876
X-Keywords:
This is a MIME-encapsulated message
--jB6LCfg1006731.1133903561/flmx03.mgw.another.dom.ain
The original message was received at Tue, 6 Dec 2005 16:12:25 -0500 (EST)
from orngca-mx-09.mgw.another.dom.ain [another.ip.address]
----- The following addresses had permanent fatal errors -----
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
<[email protected]>
(reason: 550 5.1.1 unknown or illegal alias: [email protected])
----- Transcript of session follows -----
... while talking to ms-mta-03-fn.socal.another.dom.ain.:
DATA
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
<<< 550 5.1.1 unknown or illegal alias: [email protected]
550 5.1.1 <[email protected]>... User unknown
--jB6LCfg1006731.1133903561/flmx03.mgw.another.dom.ain
Content-Type: message/delivery-status
Reporting-MTA: dns; flmx03.mgw.another.dom.ain
Received-From-MTA: DNS; orngca-mx-09.mgw.another.dom.ain
Arrival-Date: Tue, 6 Dec 2005 16:12:25 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
Final-Recipient: RFC822; [email protected]
Action: failed
Status: 5.1.1
Remote-MTA: DNS; ms-mta-03-fn.socal.another.dom.ain
Diagnostic-Code: SMTP; 550 5.1.1 unknown or illegal alias: [email protected]
Last-Attempt-Date: Tue, 6 Dec 2005 16:12:41 -0500 (EST)
--jB6LCfg1006731.1133903561/flmx03.mgw.another.dom.ain
Content-Type: text/rfc822-headers
Received: from orngca-mx-09.mgw.another.dom.ain (orngca-mx-09.mgw.another.dom.ain [another.ip.address])
by flmx03.mgw.another.dom.ain (8.12.10/8.12.8) with ESMTP id jB6L99gW003699;
Tue, 6 Dec 2005 16:12:25 -0500 (EST)
Received: from mycomputer'sname.NET (HELO another.dom.ain) (my.ip.address)
by orngca-mx-09.mgw.another.dom.ain with SMTP; 06 Dec 2005 16:11:03 -0500
From: [email protected]
To: [email protected]
Date: Tue, 06 Dec 2005 19:16:48 GMT
Subject: Maildeliveryfailed
Importance: Normal
X-Mailer: SpeedMail_V8.27
X-Priority: 3 (Normal)
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=====85dcdd2ca8d54ff.76b5a9"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Virus-Scan-Result: Repaired 4815 W32.Sober.X@mm!zip
--jB6LCfg1006731.1133903561/another.dom.ain--
I installed Little Snitch to try to monitor any outgoing connections; I haven't noticed over port 25, but noticed a bunch of traceroute requests to IP addresses I don't recognize. I block the requests, as I can't figure out what application might be requesting the traceroutes, but I don't know if that was actually related. It's also possible that whatever is sending the spam is either a) coming from an application that Little Snitch approves of, like Mail, or b) somehow this is not actually my computer causing the problem (please please please).
Any advice would be greatly appreciated; I thought that I was fairly security conscious, and this worries me.
Thanks in advance,
Greg Westin
iBook (Dual USB), all souped up Mac OS X (10.4.3) Power Mac G4 (Gigabit Ethernet)I don't think it's a problem to post this. Is there some reason I should be concerned, other than letting people know that I do in fact have Microsoft products installed? At any rate, here it is, with my computer's name and my username replaced:
My-Computer-Name:~ my-username$ ps -auxwww
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
my-username 1120 7.9 1.1 90432 6720 ?? S 1:12PM 0:01.62 /Applications/Utilities/Terminal.app/Contents/MacOS/Terminal -psn025034753
windowse 57 3.0 4.8 140668 28056 ?? Ss Sun07AM 21:34.76 /System/Library/Frameworks/ApplicationServices.framework/Frameworks/CoreGraphic s.framework/Resources/WindowServer -daemon
root 1124 1.2 0.1 27324 428 p1 R+ 1:13PM 0:00.02 ps -auxwww
my-username 1123 1.2 0.1 27820 860 p1 S 1:12PM 0:00.06 -bash
root 118 0.2 3.4 291948 20080 ?? S Sun07AM 3:10.22 /Applications/Adobe Version Cue CS2/bin/VersionCueCS2.app/Contents/MacOS/VersionCueCS2 -service
root 40 0.1 0.2 28072 952 ?? Ss Sun07AM 0:06.19 /usr/sbin/mDNSResponder -launchdaemon
root 1106 0.1 0.2 30944 984 ?? Ss 1:11PM 0:00.07 slpd -f /etc/slpsa.conf
nobody 161 0.1 0.3 81900 1804 ?? S Sun07AM 2:43.15 /Applications/Adobe Version Cue CS2/data/database/bin/mysqld --defaults-file=/Applications/Adobe Version Cue CS2/config/my.ini --basedir=. --data=data --user=nobody --bind-address=127.0.0.1 --console --socket=/tmp/mysql-vcw.sock --port=50701
root 36 0.0 0.1 27872 372 ?? Ss Sun07AM 0:03.86 /usr/sbin/notifyd
root 39 0.0 0.1 28252 580 ?? Ss Sun07AM 0:00.05 /usr/sbin/KernelEventAgent
root 41 0.0 0.1 27600 496 ?? Ss Sun07AM 0:16.20 /usr/sbin/netinfod -s local
root 42 0.0 0.1 27292 336 ?? Ss Sun07AM 0:01.58 /usr/sbin/syslogd
root 43 0.0 0.1 27540 360 ?? Ss Sun07AM 0:00.24 /usr/sbin/cron
root 45 0.0 0.3 31644 1916 ?? Ss Sun07AM 0:11.49 /usr/sbin/DirectoryService
root 48 0.0 0.0 27256 176 ?? Ss Sun07AM 0:57.28 /usr/sbin/update
root 58 0.0 0.1 27680 792 ?? Ss Sun07AM 0:04.37 /usr/sbin/distnoted
root 61 0.0 0.9 43272 5448 ?? Ss Sun07AM 0:14.90 /System/Library/CoreServices/coreservicesd
my-username 62 0.0 0.6 69064 3616 ?? Ss Sun07AM 0:35.17 /System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framewo rk/Support/ATSServer
my-username 63 0.0 0.6 69520 3412 ?? Ss Sun07AM 0:14.38 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console
root 78 0.0 0.0 27776 128 ?? Ss Sun07AM 0:00.03 /usr/libexec/crashreporterd
root 106 0.0 0.6 46604 3624 ?? Ss Sun07AM 1:29.20 /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework /Versions/A/Support/mds
root 115 0.0 0.2 35492 1148 ?? Ss Sun07AM 0:06.73 /usr/sbin/AppleFileServer
root 129 0.0 0.2 37536 1076 ?? Ss Sun07AM 0:00.47 /usr/local/sbin/dnsupdate daemon
my-username 132 0.0 0.2 56236 1292 ?? Ss Sun07AM 0:01.43 /System/Library/CoreServices/pbs
my-username 138 0.0 1.4 95272 8232 ?? S Sun07AM 0:59.65 /System/Library/CoreServices/Dock.app/Contents/MacOS/Dock -psn0524289
my-username 139 0.0 1.5 101528 8788 ?? S Sun07AM 0:48.70 /System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer -psn0655361
my-username 140 0.0 3.2 117592 18584 ?? S Sun07AM 0:46.79 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder -psn0786433
my-username 147 0.0 0.2 69020 1284 ?? S Sun07AM 0:00.73 /Applications/iTunes.app/Contents/Resources/iTunesHelper.app/Contents/MacOS/iTu nesHelper -psn01048577
my-username 148 0.0 0.3 80432 2064 ?? S Sun07AM 0:02.83 /Applications/iCal.app/Contents/Resources/iCalAlarmScheduler.app/Contents/MacOS /iCalAlarmScheduler -psn01179649
my-username 149 0.0 0.2 69008 1284 ?? S Sun07AM 0:00.90 /Applications/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft AU Daemon.app/Contents/MacOS/Microsoft AU Daemon -psn01310721
my-username 151 0.0 0.4 76336 2580 ?? S Sun07AM 0:56.25 /Library/Printers/hp/HP Communications.app/Contents/MacOS/HP Communications /Library/Printers/hp/HP Communications.app/Contents/MacOS/HP Communications -psn01572865
my-username 157 0.0 0.0 27280 68 ?? Ss Sun07AM 0:00.00 /Library/Printers/hp/pipedaemon.app/Contents/MacOS/pipedaemon -psn01966081
root 190 0.0 0.0 27516 232 ?? Ss Sun07AM 0:09.67 ntpd -f /var/run/ntp.drift -p /var/run/ntpd.pid
root 204 0.0 0.0 29316 64 ?? Ss Sun07AM 0:00.00 nfsiod -n 4
root 215 0.0 0.0 27316 72 ?? Ss Sun07AM 0:00.01 rpc.lockd -w
root 218 0.0 0.2 30468 1120 ?? Ss Sun07AM 0:01.44 /usr/sbin/automount -f -m /Network -nsl -mnt /private/var/automount
root 222 0.0 0.1 29424 848 ?? Ss Sun07AM 0:00.17 /usr/sbin/automount -f -m /automount/Servers -fstab -mnt /private/Network/Servers -m /automount/static -static -mnt /private/var/automount
my-username 261 0.0 0.3 38644 1708 ?? S Sun09AM 0:04.39 /System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell -psn03538945
root 602 0.0 0.2 28520 1264 ?? Ss 3:01PM 0:01.09 /usr/sbin/cupsd -f
root 618 0.0 0.1 27792 656 ?? S 3:27PM 0:00.07 /System/Library/Filesystems/AppleShare/checkafp.app/Contents/MacOS/checkafp
my-username 671 0.0 1.1 116792 6716 ?? S 3:32PM 3:18.31 /Applications/BBEdit 7/BBEdit.app/Contents/MacOS/BBEdit -psn013369345
my-username 695 0.0 2.8 122228 16444 ?? S 3:43PM 0:46.94 /Applications/Preview.app/Contents/MacOS/Preview -psn013893633
my-username 715 0.0 0.5 79400 3232 ?? S 4:48PM 0:02.15 /System/Library/CoreServices/System Events.app/Contents/MacOS/System Events -psn014811137
my-username 754 0.0 11.8 236116 69732 ?? S 5:45PM 10:58.64 /Applications/Safari.app/Contents/MacOS/Safari -psn015990785
my-username 770 0.0 1.0 90016 5804 ?? Ss 7:01PM 0:32.44 /Library/PreferencePanes/Little Snitch.prefPane/Contents/Resources/LittleSnitchDaemon.app/Contents/MacOS/Little SnitchDaemon
my-username 786 0.0 5.1 141772 29820 ?? S 7:39PM 1:13.80 /Applications/iCal.app/Contents/MacOS/iCal -psn017694721
my-username 873 0.0 1.3 95624 7780 ?? S 6:58AM 0:02.95 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Library/Widgets/Dictionary.wdgt/ 6910 41a1cd7566fc4b90 f
my-username 874 0.0 1.2 94260 7224 ?? S 6:58AM 0:02.00 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Users/my-username/Library/Widgets/DashBox.wdgt/ 6911 41a295df655c0e7c f
my-username 875 0.0 1.2 95240 7068 ?? S 6:58AM 0:01.77 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Library/Widgets/Unit Converter.wdgt/ 6912 41a1d933b4c4a772 f
my-username 876 0.0 0.9 85776 5592 ?? S 6:58AM 0:01.41 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Library/Widgets/Calculator.wdgt/ 6913 41a12549db52ee63 f
my-username 877 0.0 1.4 96032 8552 ?? S 6:58AM 0:07.01 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Users/my-username/Library/Widgets/Network Stat.wdgt/ 6914 41a1d309c27f5d9a f
my-username 878 0.0 1.0 86548 6092 ?? S 6:58AM 0:02.03 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Library/Widgets/Stickies.wdgt/ 6915 41a0fb13ed89ea14 f
my-username 879 0.0 1.2 86472 6784 ?? S 6:58AM 0:32.75 /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/Co ntents/MacOS/DashboardClient /Library/Widgets/World Clock.wdgt/ 6916 41a24d800344738a f
my-username 1016 0.0 2.8 101800 16260 ?? S 9:59AM 0:08.60 /Applications/System Preferences.app/Contents/MacOS/System Preferences -psn023724033
security 1090 0.0 1.0 71580 5820 ?? S 1:10PM 0:03.13 /System/Library/CoreServices/SecurityAgent.app/Contents/MacOS/SecurityAgent
root 1104 0.0 0.2 29204 1268 ?? Ss 1:11PM 0:00.38 /usr/sbin/lookupd
my-username 1107 0.0 1.1 41180 6600 ?? Ss 1:11PM 0:03.68 /System/Library/Frameworks/SyncServices.framework/Resources/SyncServer.app/Cont ents/MacOS/SyncServer
my-username 1118 0.0 2.5 101016 14516 ?? S 1:11PM 0:11.65 /Applications/Mail.app/Contents/MacOS/Mail -psn024903681
root 1122 0.0 0.1 27540 592 p1 Ss 1:12PM 0:00.07 login -pf my-username
my-username 1102 0.0 0.7 41352 4248 ?? SNs 1:11PM 0:01.56 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Support/mdimportserver
root 1 0.0 0.1 28356 492 ?? S<s Sun07AM 0:03.88 /sbin/launchd
root 23 0.0 0.0 27272 108 ?? Ss Sun07AM 0:00.46 /sbin/dynamic_pager -E -F /private/var/vm/swapfile
root 27 0.0 0.2 28224 896 ?? Ss Sun07AM 0:05.65 kextd
root 31 0.0 0.2 29932 1168 ?? Ss Sun07AM 2:26.25 /usr/sbin/configd
root 32 0.0 0.3 29768 1584 ?? Ss Sun07AM 0:05.20 /usr/sbin/coreaudiod
root 33 0.0 0.2 27788 1080 ?? Ss Sun07AM 0:03.94 /usr/sbin/diskarbitrationd
root 34 0.0 0.1 28328 524 ?? Ss Sun07AM 0:00.27 /usr/sbin/memberd -x
root 35 0.0 0.3 29884 1484 ?? Ss Sun07AM 0:03.23 /usr/sbin/securityd
dnsupdate is a program for having a subdomain point to my dynamic IP address. I don't think I have anything else special running.
Thanks again for your help.
Greg -
System Preferences changing, Possible Compromised P/W
nikdgr
Re: Trojan BackDoor.Wirenet.2
Feb 15, 2014 1:25 AM (in response to Linc Davis)
I was recently reviewing comments from Linc Davis and after replying was told it might be better to start a new discussion
Ive been having issue with my MacBook Pro, finding locks open in System Preference, Password Login issues, Bluetooth enabling without going into System Preferences, in fact I rarely use Bluetooth,.. and reconfiguration of Security & Privacy, wifi starting without opening network preferences. I did run the diagnostic test Linc Davis posted in support for "Trojan BackDoor.Wineret.2".
Maybe the wrong test for me to run.
But I was informed that a colleague had aquired my password for my MacBook Pro, Im not sure if its true, second hand information, although this colleague did have access,...... How or if the P/W was attained maybe from me leaving exposed laying out in written form, not sure ....but I have since changed the password, many months back, and the issues I mentioned still come and go, any possiblity these could be changing romotely
Basically what I'd like to know is any of the information from the diaognostic test of Linc Davis's is revealing anything out of the ordinary. Additionally, I've been suggested to do a clean install becuase of a root access possibility.
I would take this to the proper authority, however where Im at: the judical system could care-less, ....the police don't even have cars, pen, let alone paper to write a report.
Thank you for any suggestions
Boot Mode: Normal
USB
Hub (SMSC)
Hub (SMSC)
System diagnostics
Preview 2014-01-28-003447 hang
SecurityAgent 2014-01-30-141803 crash
SecurityAgent 2014-01-30-141811 crash
SecurityAgent 2014-01-30-141949 crash
SecurityAgent 2014-01-30-142226 crash
SecurityAgent 2014-01-30-142411 crash
SecurityAgent 2014-01-30-142519 crash
User diagnostics
cider 2014-01-26-234202 crash
Extrinsic system jobs
com.microsoft.office.licensing.helper
launchd items
/Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
(com.microsoft.office.licensing.helper)
Library/LaunchAgents/com.apple.FolderActions.enabled.plist
(com.apple.FolderActions.enabled)
Library/LaunchAgents/com.apple.FolderActions.folders.plist
(com.apple.FolderActions.folders)
Extrinsic loadable bundles
/System/Library/Extensions/HuaweiDataCardDriver.kext
(com.huawei.driver.HuaweiDataCardDriver)
/Library/Internet Plug-Ins/Flash Player.plugin
(com.macromedia.Flash Player.plugin)
/Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
(com.microsoft.sharepoint.browserplugin)
/Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin
(com.microsoft.sharepoint.webkitplugin)
/Library/PreferencePanes/Flash Player.prefPane
(com.adobe.flashplayerpreferences)
/Library/Spotlight/LogicPro.mdimporter
(No bundle ID)
Unsigned shared libraries
/usr/lib/bkLib.dylib
/usr/lib/lib6200Lib.dylib
/usr/lib/lib6246Lib.dylib
/usr/lib/lib6270Lib.dylib
/usr/lib/lib7225lib.dylib
/usr/lib/lib8200Alib.dylib
/usr/lib/lib8200lib.dylib
/usr/lib/lib8220lib.dylib
/usr/lib/libAgent.dylib
/usr/lib/libcurl.zte.dylib
/usr/lib/libIceraDownloadLib.dylib
/usr/lib/libmd5.dylib
/usr/lib/libTinyXml.dylib
Restricted user files: 317
Font problems: 40
Elapsed time (s): 213I didn't see your message last month, but was just searching for other cases of reported Wirenet infections. I've seen three cases now in the last two months, so this is obviously being actively distributed somehow, and up until March 13, Mac OS X did not protect you from it.
Wirenet, aka NetWeird, is malware that includes backdoor functionality, which means that it gives the hackers behind it the ability to install additional components on your system or make configuration changes. Basically, whatever they want to do. So, the question is, did you actually have it installed, or did your anti-virus software just detect an installer that you hadn't opened yet?
It may be too late to get such information. If you are like most people, you deleted all detected files at the time they were detected, thus destroying any evidence we might be able to work with. If you can still extract information from your anti-virus software about what file(s) were found and where they were located, that would be exceedingly helpful.
If you think you may have actually opened a suspicious installer or app, and that this malware was actually installed on your machine, there is only one possible response that can ensure that your machine is clean: erase the hard drive. See:
How to reinstall Mac OS X from scratch
If you're not sure, it would probably be safest to do this. -
Help...Has my mac's security been compromised?
Our internet went down so I reset modem and router. Router then renamed itself and old pw did not work. I contacted the company of the 3-yr-old router and was told that our Mac had the following: location is exposed, blocked process, lmpsu.exe,error, malware and suspicious files detected, corrupt and unwanted registry entries, bad sectors, corrupt files, etc. The company then said it could fix for $389. When I said no and that I wanted to contact Apple Support, the rep became slightly rude. I tried to contact Apple Support, but my Mac is no longer covered. I will pay a one-time fee if necessary, but thought I would start with the Apple Community. My software,etc.,is up to date, I checked in applications for any malware, and I purchased a new router. A final note...when I look at the System Profiler, is there any reason why it would show a Samson Android under network locations? If my son has a Samson Rugby (everyone else has I-Phones), would it show up here even though he is away at school. Thanks to anyone who can help!!!
If you know or suspect that a hostile intruder has either had physical access to the computer, or has been able to log in remotely, then there are some steps you should take to make sure that the computer is safe to use.
First, depending on the circumstances, computer tampering may be a crime, a civil wrong, or both. If there's any chance that the matter will be the subject of legal action, then you should do nothing at all without consulting a lawyer or the police. The computer would be the principal evidence in such a case, and you don't want to contaminate that evidence.
Running any kind of "anti-virus" software is pointless. If I broke into a system and wanted to leave a back door, I could do it in a way that would be undetectable by those means—and I don't pretend to any special skill as a hacker. You have to assume that any intruder can do the same. Commercial keylogging software—which has legitimate as well as illegitimate uses—won't be recognized as malware, because it's not malware.
The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the status quo ante. The easiest approach is to recover the entire system from a backup that predates the attack. Obviously, that's only practical if you know when the attack took place, and it was recent, and you have such a backup. You will lose all changes to data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.
If you don't know when the attack happened, or if it was too long ago for a complete rollback to be feasible, then you should erase and install OS X. If you don't already have at least two complete, independent backups of all data, then you must make them first. One backup is not enough to be safe.
When you restart after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when you transfer the data from a backup in Setup Assistant.
Select only users in the Setup Assistant dialog—not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.
Reinstall third-party software from original media or fresh downloads—not from a backup, which may be contaminated.
Unless you were the target of an improbably sophisticated attack, this procedure will leave you with a clean system. If you have reason to think that you were the target of a sophisticated attack, then you need expert help.
That being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before. -
Unable to update - "Account possibly compromised"
When I try to update Flash Player I get a message screen saying my account may have been compromised in a recent security leak. But until the day before yesterday , I didn't even HAVE an account with Adobe. I only ended up creating one so I could come on here and ask for help. So how can I now update my Flash Player if Adobe won't let me?
You don't need an Adobe account to download or install:
Adobe AIR
Adobe Reader
Flash Player
Shockwave
Download the Adobe Flash Player installer directly by right clicking one of the following links and selecting "Save target as" or "Save Link as", depending on your browser.
Flash Player for ActiveX (Internet Explorer)
Flash Player Plug-in (All other browsers)
Close your browser and you can run the installer to update. -
ITUNES Not Opening-Security Possibly?
I have been trying since Christmas to open itunes, i downloaded the updated version and then things went wrong. I uninstalled, reinstalled, called for support. I figured out that it had something to do with the start up. I typed in msconfig in the run window and i disabled all the start up checks. Then i rebooted, then itunes opened but would not connect to the store, but nothing else to do with security did either such as my online banking, ebay accounts, nothing of the sort.
Before anyone asks, Quick Time Works fine.
So my question is, does anyone know which thing it is specifically on the start up menu that is preventing it from opening?
Compaq Running Windows XP
Compaq Running Windows XPhi bekah!
i've done more research on BearShare since our last post (someone else with the error-less launch problems had it in their startup items too), and it looks like the Qoologic thingy isn't something that can be installed with that dealy:
http://www.oit.duke.edu/ats/support/spyware/bearshare.html
(i don't think you have the SaveNow on your system. if you did, you'd be getting a "Save" entry in your startup. my guess is that your SpySweeper got rid of it a while ago.)
if you want to get rid of BearShare, i think you can just use your Add/Remove Programs control panel. but in its own right it's probably safe to leave it there.
that priaoa(sp?) is gone now
many thanks for the report! i'm hoping that this means that some of the commercial antispyware packages have updated their definitions to cover the Qoologic thingy ...
love, b -
I'm using Firefox 4.01 as default ; Win XP SP 3; Trend Micro Titanium Security Antivirus. Please suggest remedy/ help.
In Firefox 4 you no longer have the Status bar that showed the padlock in previous Firefox versions.<br />
The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.<br />
So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.<br />
The functionality of the padlock has been replaced by the [[Site Identity Button]] on the left end of the location bar.<br />
See also:
* http://www.dria.org/wordpress/archives/2008/05/06/635/ -
Security possible for specific JNDI entries?
working with some JMS stuff and I'm wondering if is possible to set passwords or something either at the Queue/Topic level or JNDI level... we'd like to enable some clients to read from some Queues/Topics but not from others....
Scottapparently I had forgotten I started this thread :) Answers here:
limit access to JMS Topics -
Could anyone answer this for me. I changed the default name of the router, used WAP security with a very complex word number combination to generate the SSID, and enabled MAC Address filtering to allow only my laptop to access the network. All of a sudden I was unable to access the network or the internet from my laptop. No matter what I did, the wireless network could not be found.
I went into the properties of the router and changed the security word and saved the settings and everything worked fine.
Does this mean my system was hacked?
Solved!
Go to Solution.Well, once you are connected to your wireless network, there is profile(wireless network profile) that is saved/stored automatically to allow you to connect when you perform a reboot...You don't have to enter any of your network credentials anymore and you stay connected to your wireless network...If you get disconnected from your wireless network(maybe whatever reason) and you attempt to re-connect to your wireless network then you can no longer connect to it unless you remove your network profile that was origially stored when you first connected to your wireless network...Once the wireless network profile is removed you can select your SSID, press connect, re-enter your network key andit connects, that's how it works...
However, when you changed the SSID your laptop thought that was a new wireless network and that's why it connected to the new SSID without any problems...
Next time if you face the same problem please do this -
For XP :
Click on Start and goto the Control Panel and double click on Network Connections, right click on Wireless Network Connection and click on Properties.
Now on this window, click on the second tab Wireless Network and give a check mark on "Use windows to configure my wireless" and then remove all the network names present in the Preferred Networks Window. Then click on OK...
Right click on the Wireless Network Connection again and click on View Available Wireless Networks and try to re-connect to your network...
Now it will give you the opportunity to put the network/wep key, make sure you enter the correct network key and confirm it...
It will connect...
For Vista :
Click Start >> Control Panel >> Network and Sharing Center >> Manage Wireless Networks, here remove all the networks present and close the Window...
Click on Connect to a Network and try to re-connect to your Network, it should ask for your Network Key/Password, enter the correct password/network key and click Connect...
It should connect...Once you are connected you should restart the computer, it should connect to Internet... -
Hello,
I am currently developing an application allowing users to purchase tickets using J2ME, ASP (server side JavaScript) and a SQL Server database. I wanted to find out whether there is a way to make network connections to the server side secure? I am not using sockets but standard http connections�.
Is the security possible with just http? If not is the only way to have a secure application, by using sockets? Can sockets be used with a non-java server based technology such as ASP? Also what security will I be able to implement on the server side (currently using IIS to host ASP files and SQL Database).
Any help and/or guidance will be much appreciated.Have tried that and get the following error:
Error: C:\Documents and Settings\Hardev\.netbeans\4.1\emulators\wtk22_win\emul
ator\wtk22\appdb\.keystore (The system cannot find the file specified) The folder contains _main.ks and a keystore.sks amongst other files. I am running from the Windows Command Prompt window.. does this have anything to do with a syntax problem you think? -
Security: MLS between XI IS and IE (ABAP Proxy System)
Hi All,
Is Message Level security possible between XI IS and IE (ABAP Proxy System).
I hope HTTPS is supported for XI Receiver Adapter to ABAP Proxy System. What are the activities in XI as well as ABAP Proxy system to use HTTPS protocol in ABAP Proxy Communication.
Regards,
Sudharshan N AHi,
Check the following links.. you will get the information all about the securities...
http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
http://help.sap.com/saphelp_nw04/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
message level security/encryption and decryption
Message Level Security and Performance
Also find soeminformation in these links
http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
/people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
Step by step guide for SSL security
step by step guide to implement SSL
Thanks
Swarup
Edited by: Swarup Sawant on Apr 9, 2008 12:34 PM -
Security breach MacBook pro O S X 10.6.8
I started having issues the other day with messages popping up saying that my computer security was compromised and to call a phone number and they tried to sell me some fix and that I have been compromised and my computer information has been taken by others. Now the messages just pop up and new screens come up on their own. What do I do are my options to only take into Apple genius bar or cn i somehow fix online? thanks
The security on your Mac has not been breached.
It is a scam. Don't call the phone number they will steal your ID only.
Shut down Safari.
Restart with Shift key depressed.
If that doesn't work shut down Safari and disconnect Mac from network then restart Safari. -
Does anyone have any suggestions as to getting email set up with the best security possible?
Spamsieve is the best spam filter for the Mac. You don't have to worry about viruses. Just remember that no e-mail attachment should ever ask for your password. If it does, don't provide it. Also hover your mouse over links to ensure the link goes to where it shoudl.
-
With Endpoint Security VPN, Time Capsule cannot be accessed
I was able to use Time Capsule before I installed Endpoint Security VPN.
But once it's installed, I cannot access Time Capsule.
I booted AirMac utility and Time Capsule wasn't recognized.
If Endpoint Security VPN was removed, it was recognized.
I definitely need it when I connect my Mac to my corporate network.
I'm wondering if there's any way to use Time Capsule under such a circumstance.I am totally guessing.. because you provide no details whatsoever..
The TC is plugged into your local network? Is it your main router or bridged?
Tell us as much as you can about the network setup.
Yasuhito wrote:
I was able to use Time Capsule before I installed Endpoint Security VPN.
But once it's installed, I cannot access Time Capsule.
The vpn client should be installed but the TC work when the vpn is not active.. that is a fairly standard thing.. you should not have to uninstall the client to access .. do you mean something different by install to actually installing the software??
As soon as the client is off the computer should revert to standard network gateway. Bring up the terminal and type ifconfig note the IP address. Ping the IP of the TC.
Now start the VPN.. do ifconfig again and ping the ip of the TC. The change of gateway will mess it up usually.. you can also do a traceroute to a location and see how that changes with vpn on or off.
When the vpn client is active there is usually an option to force all traffic through the tunnel.. that is often checked by default.. if so the computer will no longer have access to the TC as the gateway is now the remote endpoint.. check the details of the vpn client and see if there is an option to use local network and not force gateway change. Some security is compromised doing this so your corporate security might simply not allow it.
Ask the IT people in your company. They will probably be able to give instructions or tell you why it is not allowed.
Maybe you are looking for
-
I would like to create full free access folder
I would like to create a folder with full permissions to anyone. However, I would like anything that is created or copied to that directory to also gain these permissions. I should mention that I'm usually a pc user and I'm trying to solve a problem
-
One beep......NO BOOT....(but it will eventually)...win 7 64bit
Hi......on a first boot in the morning....I get silence for about 5 seconds and then ONE BEEP a bit longer than the normal start up beep. My HDD is spinning, GPU fan is spinning as is the PSU fan....but no post, no monitor or keyboard lights.....zip.
-
I rented a movie. It downloaded it wouldn't play. Now it is constantly tring to download. How can I stop this?
-
Setting Custom location for Portable Home Directories
I'm using the Portable Home Directories to create a separate home on certain desktop machines for users to use on that machine only. These are not synced either way to the server. Problem is I want it to create the homes on a different internal hard
-
Import / Export Projects - Consolidating Two Separate Aperture Libraries
Question How do I export projects that contain ONLY the referenced images from other projects? So as to avoid importing duplicate versions of the original raw file. For example on hard dive 1 I have projects called 1. Project Summer (contain raw imag