[63801] in North American Network Operators' Group
New mail blocks result of Ralsky's latest attacks?
daemon@ATHENA.MIT.EDU (Bob German)
Fri Oct 10 11:00:35 2003
From: "Bob German" <bobgerman@irides.com>
To: <nanog@merit.edu>
Date: Fri, 10 Oct 2003 10:59:46 -0400
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_00FA_01C38F1D.9E4C9B30
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
A colleague informed me this morning that Alan Ralsky is doing
widespread bruteforce attacks on SMTP AUTH, and they are succeeding,
mainly because it's quick, painless (for him), and servers and IDS
signatures don't generally offer protection against them.
Could this be why everyone's locking up their mail servers all of a
sudden?
Does anyone know of a way to stop them?
Bob
------=_NextPart_000_00FA_01C38F1D.9E4C9B30
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<TITLE>Message</TITLE>
<META content=3D"MSHTML 6.00.2800.1264" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial size=3D2>A =
colleague informed=20
me this morning that Alan Ralsky is doing widespread bruteforce attacks =
on SMTP=20
AUTH, and they are succeeding, mainly because it's quick, painless (for =
him),=20
and servers and IDS signatures don't generally offer protection against=20
them.</FONT></SPAN></DIV>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial size=3D2>Could =
this be why=20
everyone's locking up their mail servers all of a =
sudden?</FONT></SPAN></DIV>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial size=3D2>Does =
anyone know of=20
a way to stop them?</FONT></SPAN></DIV>
<DIV><SPAN class=3D293065714-10102003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV align=3Dleft>
<DIV align=3Dleft><SPAN class=3D753150415-27022003><FONT face=3DArial=20
size=3D2>Bob</FONT></SPAN></DIV></DIV></BODY></HTML>
------=_NextPart_000_00FA_01C38F1D.9E4C9B30--
