Security Incidents mailing list archives
Re: POP3 logon attempts
From: Tom Fischer <Tom.Fischer () rus uni-stuttgart de>
Date: Tue, 1 Apr 2003 10:49:34 +0200
Hi, On Mon, Mar 31, 2003 at 05:14:19PM -0500, Jerry Shenk wrote:
There are a number of utilities to do that.
yes, there are a number of utilities which will brute force POP3-accounts (Hydra, Brutus, ...), but I was wondering about these attacks, cause we saw the same attacks (only against the mentioned accounts) from different sources (so I thougt there might be a new tool or worm spreading).
The more important question is who was trying? That doesn't sounds like a 'random' scan to me.
It was a random scan against mail servers in one of our Class-B-networks. -- Tom Fischer Tom.Fischer () rus uni-stuttgart de RUS-CERT University of Stuttgart Tel:+49 711 685-8076 / -5898 (fax) Allmandring 30, D-70550 Stuttgart http://cert.uni-stuttgart.de/ ---------------------------------------------------------------------------- Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-incidents
Current thread:
- RE: POP3 logon attempts Jerry Shenk (Mar 31)
- Re: POP3 logon attempts Tom Fischer (Apr 02)
- <Possible follow-ups>
- RE: POP3 logon attempts Curt Purdy (Mar 31)
- Re: POP3 logon attempts Bojan Zdrnja (Mar 31)
- Re: POP3 logon attempts Torsten Mueller (Mar 31)
- Re: POP3 logon attempts dreamwvr () dreamwvr com (Apr 02)
- Re: POP3 logon attempts Mike (Apr 02)
- Re: POP3 logon attempts Steve Cody (Apr 23)