Another student's account got hacked through a phishing attempt and was
sending out spam but I noticed even after I changed their password they
still had web sessions active. I couldn't seem to find an easy way to
kill their session other than having our firewall admin block their IPs
for a bit, then I added the IPs to the Denied IP Addresses section in CGPro.
How are other people handling this (other than doing a better job
educating their users NOT to give out their password.... oh man that
kills me).
Thanks
--
++++++++++++++++++++++++++++
Brian Gibson
Systems Administrator
Wheaton College
Are you a musician? If so visit my Arbans Online music site at http://arbansonline.com and listen& contribute
#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGat...@mail.stalker.com>.
To unsubscribe, E-mail to: <CGateP...@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePr...@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePr...@mail.stalker.com>
Send administrative queries to <CGatePro...@mail.stalker.com>
Hi all,
Another student's account got hacked through a phishing attempt and was sending out spam but I noticed even after I changed their password they still had web sessions active. I couldn't seem to find an easy way to kill their session other than having our firewall admin block their IPs for a bit, then I added the IPs to the Denied IP Addresses section in CGPro.
How are other people handling this (other than doing a better job educating their users NOT to give out their password.... oh man that kills me).
Thanks
Nicolas Hatier, ing. <nicolas...@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com
Rename the account.
> wow, there really is no way within the admin console to kill a
> session.... I thought I was just missing something :(
>
> On 1/22/2011 6:02 PM, Nicolas Hatier wrote:
>> Restart CGP?
>>
>> NH
>>
>> On 2011-01-22 17:35, Brian Gibson wrote:
>>> Hi all,
>>>
>>> Another student's account got hacked through a phishing attempt and
>>> was sending out spam but I noticed even after I changed their
>>> password they still had web sessions active. I couldn't seem to find
>>> an easy way to kill their session other than having our firewall
>>> admin block their IPs for a bit, then I added the IPs to the Denied
>>> IP Addresses section in CGPro.
>>>
>>> How are other people handling this (other than doing a better job
>>> educating their users NOT to give out their password.... oh man that
>>> kills me).
>>>
>>> Thanks
>>>
>>
>> --
>>
>> *Nicolas Hatier, ing.* <nicolas...@niversoft.com
>> <mailto:nicolas...@niversoft.com>>
>> Niversoft id�es logicielles - http://www.niversoft.com
>>
>
--
Sincerely,
Roman
=======================================================================
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your reply.
CLI: killaccountsessions
$ telnet yourCGPserver 106
USER postm...@masterdoamin.tld
PASS <password>
killaccountsessions user@domain
http://www.communigate.com/CommuniGatePro/CLI.html#Account
KILLACCOUNTSESSIONS accountName
Use this command to interrupt all Account sessions (POP, IMAP, FTP, WebUser, etc.).
accountName : string
This parameter specifies the name of an existing Account. The name can include the Domain name (see above).
Note: All Domain Administrators can use this command.
--Karl
Although, technical supports suggestion is quick and easy as well.