Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: POP3 logon attempts

From: "Jerry Shenk" <jshenk () decommunications com>
Date: Mon, 31 Mar 2003 17:14:19 -0500
There are a number of utilities to do that.  When I do penetration testing,
I normally use a .c file that somebody named pop3hack from my linux box.  I
don't even know what the original source was anymore...but, to answer your
question....yes they're available.

The more important question is who was trying?  That doesn't sounds like a
'random' scan to me.

-----Original Message-----
From: Tom Fischer [mailto:rustomfi () helpdesk rus uni-stuttgart de]On
Behalf Of Tom Fischer
Sent: Monday, March 31, 2003 7:11 AM
To: incidents () securityfocus com
Subject: POP3 logon attempts


Hi,
some of our POP3 servers got DoSed cause of massive password probes
against following accounts:

admin
backup
data
master
oracle
root
server
sybase
test
user
web
webmaster

Does someone know a tool which will brute force these accounts?

--
Tom Fischer                              Tom.Fischer () rus uni-stuttgart de
RUS-CERT University of Stuttgart       Tel:+49 711 685-8076 / -5898 (fax)
Allmandring 30, D-70550 Stuttgart           http://cert.uni-stuttgart.de/

----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfihl1



----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-incidents
Previous By Date Next
Previous By Thread Next

Current thread: