Bugtraq mailing list archives
Re: SMTP server account probing
From: James.Lick () CORP SUN COM (James Lick)
Date: Tue, 9 Mar 1999 18:48:44 -0800
On Tue, 9 Mar 1999, David Gale wrote:
> Using /usr/dict/words on my linux box and the TCL code below I ran this attack against a sendmail (8.9.2) mailserver which uses virtual user tables and a lengthy aliases database.
The way your code is implemented, you send a RCPT and wait for a response before sending the next RCPT. Due to latency, this algorithm is very inefficient and results in not much load on the server. The "attack" in question does not pause between RCPT commands, but rather sends them as fast as possible and looks at the results later. Also it tries quite a bit more than the few thousand words in /usr/dict/words.

Jim Lick
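
A defender's view of the difference described above, as an added example that is not part of the original post: it pairs each SMTP command with its reply per connection and reports how many RCPT commands were unanswered at once and how many were rejected. The event tuples, addresses and the `min_rejects` threshold are constructed assumptions; the input is assumed to start after the greeting and to contain no DATA body.

```python
from collections import defaultdict, deque

# Constructed sample: (seconds, connection, "C" client / "S" server, SMTP line).
# Connection "a" waits for each reply; "b" sends every RCPT before any reply.
EVENTS = [
    (0.00, "a", "C", "RCPT TO:<alice@example.com>"),
    (0.20, "a", "S", "250 2.1.5 Recipient ok"),
    (0.21, "a", "C", "RCPT TO:<bob@example.com>"),
    (0.41, "a", "S", "550 5.1.1 User unknown"),
    (1.00, "b", "C", "RCPT TO:<aardvark@example.com>"),
    (1.01, "b", "C", "RCPT TO:<abacus@example.com>"),
    (1.02, "b", "C", "RCPT TO:<abbey@example.com>"),
    (1.03, "b", "C", "RCPT TO:<root@example.com>"),
    (1.20, "b", "S", "550 5.1.1 User unknown"),
    (1.21, "b", "S", "550 5.1.1 User unknown"),
    (1.22, "b", "S", "550-5.1.1 User unknown"),      # continuation line
    (1.23, "b", "S", "550 5.1.1 No such mailbox"),   # final line of that reply
    (1.24, "b", "S", "250 2.1.5 Recipient ok"),
]


def rcpt_probe_report(events, min_rejects=3):
    """Return {conn: (peak unanswered RCPTs, rejected RCPTs)} for suspect connections."""
    pending = defaultdict(deque)   # commands sent but not yet answered, per connection
    peak = defaultdict(int)        # most RCPTs in flight at one time
    rejects = defaultdict(int)     # RCPTs answered with a 5xx code
    for _, conn, side, line in sorted(events, key=lambda e: e[0]):
        if side == "C":
            pending[conn].append(line.split(None, 1)[0].upper())
            peak[conn] = max(peak[conn], pending[conn].count("RCPT"))
        elif line[3:4] != "-" and pending[conn]:
            # A reply's final line has a space after the code; it answers
            # the oldest unanswered command on this connection.
            verb = pending[conn].popleft()
            if verb == "RCPT" and line.startswith("5"):
                rejects[conn] += 1
    # Clients may legitimately send several RCPTs without waiting, so the
    # in-flight depth is context only; the rejected count is what flags.
    return {c: (peak[c], n) for c, n in rejects.items() if n >= min_rejects}


if __name__ == "__main__":
    print(rcpt_probe_report(EVENTS))
```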