response 246 of 251:

Mar 17 13:41 UTC 2003

For what it's worth, yesterday morning my IDS at work logged what
appeared to be an attempt to exploit the sendmail vulnerability
mentioned earlier in this message.  Unfortunately I didn't have full
logging turned on, so I can't say whether it had any shellcode attached
or whether the goal was just to crash sendmail on vulnerable servers.

response 248 of 251:

Mar 19 00:20 UTC 2003

Mail still cannot be sent from wwnet.com to Grex.

It appears that Grex is applying an unreasonably strict definition
of what constitutes "legitimate conduct".  Shutting off spammers
is one thing; cutting ourselves off from major ISPs is quite another.

response 250 of 251:

Mar 21 17:33 UTC 2003

$ ps -ax | grep sshd
 1045 ?  IW    0:05 /usr/local/libexec/sshd
 1293 ?  S     1:44 /usr/local/libexec/sshd
 2212 ?  IW    0:04 /usr/local/libexec/sshd
 2763 ?  IW    0:05 /usr/local/libexec/sshd
 3372 ?  IW    0:03 /usr/local/libexec/sshd
 3569 ?  IW    0:02 /usr/local/libexec/sshd
 3664 ?  IW    0:02 /usr/local/libexec/sshd
 3989 ?  S     0:05 /usr/local/libexec/sshd
23951 ?  S     2:08 /usr/local/libexec/sshd
26686 ?  IW    0:26 /usr/local/libexec/sshd
27290 ?  IW    0:08 /usr/local/libexec/sshd
27652 ?  IW    0:12 /usr/local/libexec/sshd
28254 ?  IW    0:21 /usr/local/libexec/sshd
28434 ?  S     0:08 /usr/local/libexec/sshd
28706 ?  IW    0:09 /usr/local/libexec/sshd
 4292 qc S     0:00 grep sshd
$

It is running now.