Re: Distributed spam-based DoS in progress

From: Rohan Amin (rohanat_private)
Date: Wed Feb 19 2003 - 21:04:43 PST

Next message: Rob Shein: "RE: Weird Profile in Documents and Settings"

Previous message: Greg Wiedeman: "Weird Profile in Documents and Settings"
In reply to: Transistor Sister: "Re: Distributed spam-based DoS in progress"
Next in thread: Steve Drees: "RE: Distributed spam-based DoS in progress"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> a denial of service. It seems that there are very few people out there who
> have seen this but I'm sure it's not far off from becoming more prevalent.

I was just involved in helping handle an incident where someone had
installed a rogue SMTP 'engine' by exploiting the Gallery web
application (known vulnerability).  The SMTP engine connected to a
server in Russia, downloaded a forged header, body and 5000 emails
(and repeated).  It then sent the emails.  Each fetch retreived the
next batch of emails (in alphabetical order by domain).

Nasty little thing!

Regards,

Rohan


----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core

Next message: Rob Shein: "RE: Weird Profile in Documents and Settings"
Previous message: Greg Wiedeman: "Weird Profile in Documents and Settings"
In reply to: Transistor Sister: "Re: Distributed spam-based DoS in progress"
Next in thread: Steve Drees: "RE: Distributed spam-based DoS in progress"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 07:47:09 PST