Re: New mail blocks result of Ralsky's latest attacks?

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: New mail blocks result of Ralsky's latest attacks?

From: Suresh Ramasubramanian
Date: Fri Oct 10 11:35:58 2003

Brian Bruns writes on 10/10/2003 8:42 PM:

Tis one of the reasons why I've disabled SMTP AUTH on all of my servers for now. I've known about this for a few weeks now. Its not surprising. Most of the servers cracked are Exchange servers (probably thanks to weak passwords), but I still don't feel like taking a chance.

Exchange (and MDaemon) seem to be targeted extensively - they have admin:admin and guest:guest type default accounts that, if they aren't locked down, can be used to AUTH and send out mail.

--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations

Follow-Ups:
- RE: New mail blocks result of Ralsky's latest attacks? Bob German

References:
- New mail blocks result of Ralsky's latest attacks? Bob German
- Re: New mail blocks result of Ralsky's latest attacks? Brian Bruns

Prev by Date: Re: New mail blocks result of Ralsky's latest attacks?
Next by Date: Re: large-scale IPSEC tunnel deployment
Date Index
Thread Index
Author Index
Historical