Penetration Testing mailing list archives
Re: Discovering users by RCPT TO
From: Vince Hoang <vince () litrium com>
Date: Thu, 13 Jan 2005 13:20:15 -1000
On Thu, Jan 13, 2005 at 02:20:12PM -0500, Chris Buechler wrote:
> I'd recommend disabling it unless you get flooded by such spam attacks. I would probably consider it unnecessary information disclosure, depending on the environment and reason (if any) for doing it that way.
Some MTAs allow you to drop the session after a certain number of failures, but that only slows down the dictionary attacks. You cannot disable RCPT TO because that is how the SMTP protocol designates the recipients.

-Vince
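An added example, not part of the original message: a log check that counts rejected RCPT TO recipients per client across sessions, next to the per-session count that a session failure limit works from. The log format, the sample lines, the function names, the thresholds and the use of reply code 550 for an unknown recipient are all assumptions made for illustration, and the lines are assumed to be in time order.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed, simplified log format (not a real MTA's): one RCPT TO reply per line.
LINE = re.compile(r"^(\S+) client=(\S+) session=(\S+) rcpt=<([^>]*)> code=(\d{3})$")
SAMPLE_LOG = """\
2005-01-13T13:20:01 client=192.0.2.10 session=a1 rcpt=<admin@example.com> code=550
2005-01-13T13:20:02 client=192.0.2.10 session=a1 rcpt=<info@example.com> code=550
2005-01-13T13:20:09 client=192.0.2.10 session=a2 rcpt=<sales@example.com> code=550
2005-01-13T13:20:10 client=192.0.2.10 session=a2 rcpt=<root@example.com> code=550
2005-01-13T13:20:17 client=192.0.2.10 session=a3 rcpt=<test@example.com> code=550
2005-01-13T13:20:18 client=192.0.2.10 session=a3 rcpt=<jsmith@example.com> code=250
2005-01-13T13:21:00 client=198.51.100.7 session=b1 rcpt=<alcie@example.com> code=550
2005-01-13T13:21:30 client=198.51.100.7 session=b1 rcpt=<alice@example.com> code=250
""".splitlines()

def parse(lines):
    """Yield (time, client, session, recipient, reply code) for well-formed lines."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            ts, client, session, rcpt, code = m.groups()
            yield datetime.fromisoformat(ts), client, session, rcpt.lower(), int(code)

def worst_session(lines):
    """Most 550 replies in any one session per client: all a per-session limit can see."""
    per_session = Counter((c, s) for _, c, s, _, code in parse(lines) if code == 550)
    worst = {}
    for (client, _), n in per_session.items():
        worst[client] = max(worst.get(client, 0), n)
    return worst

def flag_enumerators(lines, window=timedelta(minutes=10), threshold=5):
    """Clients with >= threshold distinct rejected recipients in a sliding window, across sessions."""
    recent, flagged = defaultdict(deque), {}
    for ts, client, _, rcpt, code in parse(lines):
        if code != 550:
            continue
        q = recent[client]          # (time, recipient) of recent rejections for this client
        q.append((ts, rcpt))
        while ts - q[0][0] > window:
            q.popleft()             # expire rejections older than the window
        distinct = len({r for _, r in q})
        if distinct >= threshold:
            flagged[client] = max(flagged.get(client, 0), distinct)
    return flagged
```

On the sample, no session of 192.0.2.10 exceeds two failures, so a per-session limit of three never triggers, while the cross-session count reaches five distinct unknown recipients; the single mistyped address from 198.51.100.7 is not flagged.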