RE: POP3 logon attempts

["Curt Purdy" <purdy () tecman com>]

Hydra by THC works nicely or you can automate it with point-and-click ease
with Nessus, a very nice tool, professionaly done, and open-source, at
nessus.org.

Curt Purdy CISSP, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions
cpurdy () dpsol com

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke


-----Original Message-----
From: Tom Fischer [mailto:rustomfi () helpdesk rus uni-stuttgart de]On
Behalf Of Tom Fischer
Sent: Monday, March 31, 2003 6:11 AM
To: incidents () securityfocus com
Subject: POP3 logon attempts


Hi,
some of our POP3 servers got DoSed cause of massive password probes
against following accounts:

admin
backup
data
master
oracle
root
server
sybase
test
user
web
webmaster

Does someone know a tool which will brute force these accounts?

--
Tom Fischer                              Tom.Fischer () rus uni-stuttgart de
RUS-CERT University of Stuttgart       Tel:+49 711 685-8076 / -5898 (fax)
Allmandring 30, D-70550 Stuttgart           http://cert.uni-stuttgart.de/

----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfihl1



----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-incidents