Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Mail Server attack

From: joel () DIGGY COM AU (Joel Michael)
Date: Wed, 8 Mar 2000 08:14:37 +1100

hi all
(this is my first post, so please turn down the flame level a bit ;)
We had an attack on our mail server.  It seems as though someone sent
literally tens of thousands of emails at our server with random (as in,
random character generator) to: addresses.  This actually managed to
crash our server with the overhead of looking up all those thousands of
non-existant addresses.  Has anyone else seen something like this (maybe
with a little less disasterous side-affects)?  As a stop-gap measure, we
have blacklisted the IP address that the attack came from (a cable modem
user on the RoadRunner network in Houston, Texas, USA).  Anyone got any
ideas about how to permanently stop this kind of attack?  Any thoughts,
comments, etc appreciated :)

---
Joel Michael
System Administrator

Diggy Internet Services
90 Petrie Terrace
Brisbane Qld 4000
Australia

Ph: +61 7 3367 3555
Fax: +61 7 3367 3544
Mob: 0401 039 462
Previous By Date Next
Previous By Thread Next

Current thread: