Security Incidents mailing list archives
Re: Real-world attacks on sendmail CA-2003-07 seen
From: gabriel rosenkoetter <gr () eclipsed net>
Date: Mon, 10 Mar 2003 21:30:56 -0500
On Mon, Mar 10, 2003 at 03:56:22PM -0500, Juan Gallego wrote:
i have to agree. althought i don't have the original messages, i happen to log email subjects, and they have spam written all over them.
Hrm. Worth noting, perhaps, that the intelligent cracker (as opposed to the script kiddie) will craft port 25 exploits specifically *to* look like spam in your logs... If you have to ask if you're being paranoid enough, you're not. Source addresses are pretty much meaningless in this case. If it's an open relay, it's just as good for the exploit as it is for spam. Whoops. Cheers... -- gabriel rosenkoetter gr () eclipsed net
Attachment:
_bin
Description:
Current thread:
- Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 07)
- Re: Real-world attacks on sendmail CA-2003-07 seen Mike Tancsa (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Jeff Kell (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen jlewis (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Juan Gallego (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen gabriel rosenkoetter (Mar 11)
- Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Mike Tancsa (Mar 10)
- <Possible follow-ups>
- Re: Real-world attacks on sendmail CA-2003-07 seen Curt Wilson (Mar 10)
- RE: Real-world attacks on sendmail CA-2003-07 seen Barry Kokotailo (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen james (Mar 10)