Security Incidents mailing list archives

Re: Increased activity on port 110

From: vtlists () wyae de
Date: Mon, 26 Feb 2007 18:10:54 +0100

joakim.berge () gmail com writes:


There has been a big increase in pop3 activity 25 Feb. Any idea what it is? New worm?

Define "activity": connects or real POP3? Better check with the POP3-Server or AUTH-Logs.Check that there is no POP3 bruteforce attack running. Usually that is tofind accounts which then could be abused for mail relaying.


Bye

Volker


-------------------------------------------------------------------------
This list sponsored by: SPI Dynamics

ALERT: "How a Hacker Launches a SQL Injection Attack!"-SPI Dynamics White PaperIt's as simple as placing additional SQL commands into a Web Form inputbox giving hackers complete access to all your backend systems!Firewalls and IDS will not stop such attacks because SQL Injections areNOT seen as intruders. Download this *FREE* white paper from SPI Dynamicsfor a complete guide to protection!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CiNE
--------------------------------------------------------------------------

Current thread:

Increased activity on port 110 joakim . berge (Feb 26)
- Re: Increased activity on port 110 vtlists (Feb 26)
- <Possible follow-ups>
- Re: Re: Increased activity on port 110 phishtracker (Feb 26)
- Re: Increased activity on port 110 joakim . berge (Feb 27)