Security Incidents mailing list archives
Re: Increased activity on port 110
From: vtlists () wyae de
Date: Mon, 26 Feb 2007 18:10:54 +0100
joakim.berge () gmail com writes:
There has been a big increase in pop3 activity 25 Feb. Any idea what it is? New worm?
Define "activity": connects or real POP3? Better check with the POP3-Server or AUTH-Logs. Check that there is no POP3 bruteforce attack running. Usually that is to find accounts which then could be abused for mail relaying.
Bye Volker ------------------------------------------------------------------------- This list sponsored by: SPI DynamicsALERT: "How a Hacker Launches a SQL Injection Attack!"- SPI Dynamics White Paper It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems! Firewalls and IDS will not stop such attacks because SQL Injections are NOT seen as intruders. Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CiNE --------------------------------------------------------------------------
Current thread:
- Increased activity on port 110 joakim . berge (Feb 26)
- Re: Increased activity on port 110 vtlists (Feb 26)
- <Possible follow-ups>
- Re: Re: Increased activity on port 110 phishtracker (Feb 26)
- Re: Increased activity on port 110 joakim . berge (Feb 27)