Hosting Provided By

Re: Distributed spam-based DoS in progress

From: Transistor Sister <raven(at)cybercom.net>
Date: Tue Feb 18 2003 - 21:35:33 EST

On Tue, 18 Feb 2003, Kee Hinckley wrote:

>
> One theory I've heard on this is that the script kiddies are using

I phoned CERT and they said pretty much the same thing, but for all intents and purposes spam pretty much stops becoming spam when it becomes a denial of service. It seems that there are very few people out there who have seen this but I'm sure it's not far off from becoming more prevalent.

After we got the situation under control we took a look at the data and found that we are the victim of a dictionary attack. Basically this guy is hitting us using a huge list of users. Some are random, but others look like they may have been culled from another victim site. After getting lots of great advice from members on this list, we have implemented RBL. Thousands of messages are now being refused and the mail relays are staying up. Thanks to all for your assistance.

Regards,

.Sarah

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Wed Feb 19 14:42:08 2003

This message: [ Message body ]
Next message: Hugo van der Kooij: "RE: Distributed spam-based DoS in progress"
In reply to Kee Hinckley: "Re: Distributed spam-based DoS in progress"
Next in thread: Rohan Amin: "Re: Distributed spam-based DoS in progress"
Reply: Rohan Amin: "Re: Distributed spam-based DoS in progress"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:58 EDT

Do you need help?