Re: Real-world attacks on sendmail CA-2003-07 seen

From: gabriel rosenkoetter (gr@eclipsed.net)
Date: 03/11/03

  • Next message: Loki: "Snort Signatures for LSD-PL.NET Exploit"
    Date: Mon, 10 Mar 2003 21:30:56 -0500
    From: gabriel rosenkoetter <gr@eclipsed.net>
    To: incidents@securityfocus.com
    
    
    

    On Mon, Mar 10, 2003 at 03:56:22PM -0500, Juan Gallego wrote:
    > i have to agree. althought i don't have the original messages, i happen to
    > log email subjects, and they have spam written all over them.

    Hrm.

    Worth noting, perhaps, that the intelligent cracker (as opposed to
    the script kiddie) will craft port 25 exploits specifically *to*
    look like spam in your logs...

    If you have to ask if you're being paranoid enough, you're not.

    Source addresses are pretty much meaningless in this case. If it's
    an open relay, it's just as good for the exploit as it is for spam.
    Whoops.

    Cheers...

    -- 
    gabriel rosenkoetter
    gr@eclipsed.net
    
    



  • Next message: Loki: "Snort Signatures for LSD-PL.NET Exploit"

    Relevant Pages

    • Re: Is it just me that is being picked on?
      ... >>Rich Piotrowski ... > message just results in more spam. ... > I know that I'm not the source of any of the original messages because my ... configure them to silently discard the crap. ...
      (comp.os.linux.misc)
    • Re: Is it just me that is being picked on?
      ... people are emailing me these rules as suggestions as they are ... message just results in more spam. ... I know that I'm not the source of any of the original messages because my ... servers to do anything that results in someone else getting a bounced ...
      (comp.os.linux.misc)
    • Re: [opensuse] Re: Android print solution?
      ... This appears to be *only* an advertisement, ie: spam. ... Althought it does ... the local network whereas "Cloud Print" from google allows me to print ...
      (SuSE)
    • Re: OT messages from RCTQ
      ... On 31/03/2010 15:55, Alice in PA wrote: ... but I still don't receive the original messages from Sunny, ... response...kinda backwards! ... follow Alt.sewing, and it has eliminated all the spam from that site, ...
      (rec.crafts.textiles.quilting)
    • Spam control with chinese support
      ... I'm looking for an anti-spam solution which support chinese charaters. ... Althought we do not have a lot of Chinese spam mail (mainly western ...
      (microsoft.public.exchange2000.general)