Security Incidents mailing list archives
Re: smtp probes
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Mon, 20 Aug 2001 22:54:55 +0200 (CEST)
On Mon, 20 Aug 2001, Eduardo Cruz wrote:
Has anyone noticed an increase of smtp scans?From a few days ago im getting connections in port 25, and they dont lookfor an open relay they just connect and disconnect (like checking which smtp server is in use), there is maybe a new un-official published exploit for sendmail o etc?
At least valinux and sourceforge setup a connect and will do some verification before they accept email. It could be that this behaviour is getting copied on other systems as well. I usually get some probes from them after a message from me is accepted via a mailinglist from securityfocus. But it could be a more malicous probe. (Not that I happen to like their approach.) Hugo. -- All email send to me is bound to the rules described on my homepage. hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- annoying ftp probes Emil Popov (Aug 20)
- smtp probes Eduardo Cruz (Aug 20)
- Re: smtp probes Hugo van der Kooij (Aug 20)
- Re: smtp probes Wichert Akkerman (Aug 20)
- Re: smtp probes Hugo van der Kooij (Aug 20)
- Re: annoying ftp probes Jason Spence (Aug 20)
- Re: annoying ftp probes Mike Eheler (Aug 20)
- Re: annoying ftp probes Joris De Donder (Aug 20)
- <Possible follow-ups>
- RE: annoying ftp probes Mark Villanova (Aug 20)
- RE: annoying ftp probes Gregory McCann (Aug 20)
- RE: annoying ftp probes Skeeve Stevens (Aug 27)
- RE: annoying ftp probes Gregory McCann (Aug 20)
- RE: annoying ftp probes NESTING, DAVID M (SBCSI) (Aug 20)
- Re: annoying ftp probes Emil Popov (Aug 27)
- smtp probes Eduardo Cruz (Aug 20)