Bugtraq mailing list archives
Re: Not so much a bug as a warning of new brute force attack
From: jzawodn () cs bgsu edu (Jeremy D. Zawodny)
Date: Mon, 3 Jun 1996 14:46:04 -0400
On Mon, 3 Jun 1996, Richard Ashton wrote:
What's to stop someone opening a new pop3 connection for each guess, thus avoiding the wait factor and/or process detection you've put in the code?
The time overhead, I'd assume. I know that if I had *my* choice of attacking two machines, and one was known to disconnect after each failed attempt, I'd use the other. Besides, you (as an attacker) might be going through some pains to 'cover your tracks' on the network, so openeing several million connections might be undesired.
popper should use syslog to record the IP address of requests and if you run it with -d produce some nice debug information (depending on the version of popper you have of course).
Agreed. All daemons that do any sort of authentication should have this as an option (and maybe even default behavior). Alas, there are always tcpwrappers... Jeremy ------------------------------------------------------------------------------ <A HREF="http://www.bgsu.edu/~jzawodn">Jeremy Zawodny, jzawodn () cs bgsu edu</A> Computer Science Undergraduate * Computer Consultant * Web Worker for Hire "Argue your limitations, and they're yours." -- Richard Bach
Current thread:
- Not so much a bug as a warning of new brute force attack Brett L. Hawn (Jun 01)
- Re: Not so much a bug as a warning of new brute force attack Paul C Leyland (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Christopher X. Candreva (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Richard Ashton (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Jeremy D. Zawodny (Jun 03)
- Reply from the author of popper at Qualcomm Pete Ashdown (Jun 03)
- Attacks using pop Alan Brown (Jun 03)
- Re: Attacks using pop simes () tcp co uk (Jun 04)
- Re: Attacks using pop Alan Brown (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Brett L. Hawn (Jun 03)
- pop3 daemon with syslog logging Gunnar Ingvi Thorisson (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Alan Brown (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Brian Davidson (Jun 04)