Security Incidents mailing list archives

Re: Distributed spam-based DoS in progress

From: Rohan Amin <rohan () rohanamin com>
Date: Thu, 20 Feb 2003 00:04:43 -0500

a denial of service. It seems that there are very few people out there who
have seen this but I'm sure it's not far off from becoming more prevalent.


I was just involved in helping handle an incident where someone had
installed a rogue SMTP 'engine' by exploiting the Gallery web
application (known vulnerability).  The SMTP engine connected to a
server in Russia, downloaded a forged header, body and 5000 emails
(and repeated).  It then sent the emails.  Each fetch retreived the
next batch of emails (in alphabetical order by domain).

Nasty little thing!

Regards,

Rohan


----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core

Current thread:

Distributed spam-based DoS in progress Transistor Sister (Feb 17)
- Re: Distributed spam-based DoS in progress Hugo van der Kooij (Feb 18)
  - Re: Distributed spam-based DoS in progress Valdis . Kletnieks (Feb 18)
- Re: Distributed spam-based DoS in progress Kee Hinckley (Feb 19)
  - Re: Distributed spam-based DoS in progress Transistor Sister (Feb 19)
    - Re: Distributed spam-based DoS in progress Rohan Amin (Feb 20)
  - RE: Distributed spam-based DoS in progress Steve Drees (Feb 19)
- <Possible follow-ups>
- RE: Distributed spam-based DoS in progress Dave Hart (Feb 18)
  - RE: Distributed spam-based DoS in progress Hugo van der Kooij (Feb 19)
- RE: Distributed spam-based DoS in progress Dave Hart (Feb 19)