nanog mailing list archives

Re: New mail blocks result of Ralsky's latest attacks?

From: Suresh Ramasubramanian <suresh () outblaze com>
Date: Fri, 10 Oct 2003 20:57:06 +0530


Brian Bruns writes on 10/10/2003 8:42 PM:

Tis one of the reasons why I've disabled SMTP AUTH on all of my serversfor now. I've known about this for a few weeks now. Its notsurprising. Most of the servers cracked are Exchange servers (probablythanks to weak passwords), but I still don't feel like taking a chance.

Exchange (and MDaemon) seem to be targeted extensively - they haveadmin:admin and guest:guest type default accounts that, if they aren'tlocked down, can be used to AUTH and send out mail.


--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations

Current thread:

New mail blocks result of Ralsky's latest attacks? Bob German (Oct 10)
- Re: New mail blocks result of Ralsky's latest attacks? Brian Bruns (Oct 10)
  - Re: New mail blocks result of Ralsky's latest attacks? Suresh Ramasubramanian (Oct 10)
    - RE: New mail blocks result of Ralsky's latest attacks? Bob German (Oct 10)
  - Re: New mail blocks result of Ralsky's latest attacks? Brian Bruns (Oct 10)
- Re: New mail blocks result of Ralsky's latest attacks? Andrew D Kirch (Oct 10)
- Re: New mail blocks result of Ralsky's latest attacks? Mike Tancsa (Oct 10)
- Re: New mail blocks result of Ralsky's latest attacks? Suresh Ramasubramanian (Oct 10)
  - Re: New mail blocks result of Ralsky's latest attacks? Steven Champeon (Oct 10)
- Re: New mail blocks result of Ralsky's latest attacks? Steven M. Bellovin (Oct 10)
  - Re: New mail blocks result of Ralsky's latest attacks? Suresh Ramasubramanian (Oct 10)
  - Re: New mail blocks result of Ralsky's latest attacks? Fred Baker (Oct 11)
- <Possible follow-ups>
- Fw: New mail blocks result of Ralsky's latest attacks? Brian Bruns (Oct 10)