Hosting Provided By

Re: POP3 logon attempts

From: Bojan Zdrnja <Bojan.Zdrnja(at)LSS.hr>
Date: Mon Mar 31 2003 - 19:14:13 EST

> Original message:

> From: Tom Fischer <Tom.Fischer@rus.uni-stuttgart.de>
> To: incidents@securityfocus.com <incidents@securityfocus.com>
> Date: Tuesday, April 1, 2003, 12:11:27 AM
> Subject: POP3 logon attempts

> Hi,
> some of our POP3 servers got DoSed cause of massive password probes

> Does someone know a tool which will brute force these accounts?

It seems like someone just tried brute force cracking on your server. There are many remote brute force POP-3 cracking programs, of which I believe Brutus is the most popular.

You can find more information about Brutus at:

http://www.hoobie.net/brutus

Do you need help?

Brutus comes with few pre-defined accounts to crack, but your list seems a bit larger - in any case it's very simple for malicious user to add new usernames. It also has words.txt included, with much larger list of commond words.

You might also check Entry at:

http://www.sparkleware.com/index.html

Best regards,

Bojan Zdrnja

Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-incidents Received on Mon Mar 31 19:40:58 2003

This message: [ Message body ]
Next message: Torsten Mueller: "Re: POP3 logon attempts"
In reply to: Tom Fischer: "POP3 logon attempts"
In reply to Curt Purdy: "RE: POP3 logon attempts"
Next in thread: Torsten Mueller: "Re: POP3 logon attempts"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:00 EDT