RE: POP3 logon attempts

From: Jerry Shenk <jshenk(at)decommunications.com>
Date: Mon Mar 31 2003 - 17:14:19 EST

There are a number of utilities to do that. When I do penetration testing, I normally use a .c file that somebody named pop3hack from my linux box. I don't even know what the original source was anymore...but, to answer your question....yes they're available.

The more important question is who was trying? That doesn't sounds like a 'random' scan to me.

-----Original Message-----

From: Tom Fischer [mailto:rustomfi@helpdesk.rus.uni-stuttgart.de]On Behalf Of Tom Fischer
Sent: Monday, March 31, 2003 7:11 AM
To: incidents@securityfocus.com
Subject: POP3 logon attempts

Hi,
some of our POP3 servers got DoSed cause of massive password probes against following accounts:

admin
backup
data
master
oracle
root
server
sybase
test
user
web
webmaster

Does someone know a tool which will brute force these accounts?

--

Tom Fischer                              Tom.Fischer@rus.uni-stuttgart.de
RUS-CERT University of Stuttgart       Tel:+49 711 685-8076 / -5898 (fax)
Allmandring 30, D-70550 Stuttgart           
http://cert.uni-stuttgart.de/

----------------------------------------------------------------------------

Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfihl1

---

Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-incidents Received on Mon Mar 31 19:16:34 2003