Re: [Dovecot] POP3 dictionary attacks

2008-08-18 Thread mouss
Bruce Bodger wrote: On Aug 15, 2008, at 5:39 PM, Charles Marcus wrote: You're kidding, right? Dictionary attacks are a fact of life these days. Just install some kind of blocking on your firewall (fail2ban is a good one), and let it take care of the worst of it... just make sure to get t

Re: [Dovecot] POP3 dictionary attacks

2008-08-16 Thread Bruce Bodger
On Aug 16, 2008, at 11:14 AM, Mark Sapiro wrote: Exactly. These days, IP spoofing is most useful to hide the identity of the perpetrator of a DoS attack. It certainly is not applicable to a dictionary attack on POP3 or other logins since with a spoofed IP, the perpetrator will never see the

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Mark Sapiro
Kenneth Porter wrote:
>--On Friday, August 15, 2008 5:51 PM -0400 Bruce Bodger
> wrote:
>
>> fail2ban will not work for this as the incoming ip addresses are
>> spoofed. fail2ban would end up blocking legitimate servers.
>
>How do you spoof a source address on a TCP connection? I was unaware that

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Dean Brooks
On Fri, Aug 15, 2008 at 06:43:30PM -0300, Eduardo M KALINOWSKI wrote:
> Charles Marcus wrote:
> > Dictionary attacks are a fact of life these days.
> >
> > Just install some kind of blocking on your firewall (fail2ban is a good
> > one), and let it take care of the worst of it..
>
> I wonder what

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Kenneth Porter
--On Friday, August 15, 2008 5:51 PM -0400 Bruce Bodger <[EMAIL PROTECTED]> wrote: fail2ban will not work for this as the incoming ip addresses are spoofed. fail2ban would end up blocking legitimate servers. How do you spoof a source address on a TCP connection? I was unaware that was possi

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Michael Orlitzky
Eduardo M KALINOWSKI wrote: Charles Marcus wrote: Dictionary attacks are a fact of life these days. Just install some kind of blocking on your firewall (fail2ban is a good one), and let it take care of the worst of it.. I wonder what they want by cracking a POP3 server. Read the user's mails

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Kenneth Porter
On Friday, August 15, 2008 5:39 PM -0400 Charles Marcus <[EMAIL PROTECTED]> wrote: Just install some kind of blocking on your firewall (fail2ban is a good one), and let it take care of the worst of it... Thanks, researching it now Looks like an RPM might be available for CentOS 5. There'

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Bruce Bodger
On Aug 15, 2008, at 5:39 PM, Charles Marcus wrote: You're kidding, right? Dictionary attacks are a fact of life these days. Just install some kind of blocking on your firewall (fail2ban is a good one), and let it take care of the worst of it... fail2ban will not work for this as the inco

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Eduardo M KALINOWSKI
Charles Marcus wrote:
> Dictionary attacks are a fact of life these days.
>
> Just install some kind of blocking on your firewall (fail2ban is a good
> one), and let it take care of the worst of it..

I wonder what they want by cracking a POP3 server. Read the user's mails? It's true POP3 password

Re: [Dovecot] POP3 dictionary attacks

2008-08-15 Thread Charles Marcus
On 8/15/2008, Kenneth Porter ([EMAIL PROTECTED]) wrote:
> I'm seeing strings of failed POP3 login attempts with obvious bogus
> usernames coming from different IP addresses. Today's originated from
> 216.31.146.19 (which resolves to neovisionlabs.com). This looks like
> a botnet attack. I got a sim

[Dovecot] POP3 dictionary attacks

2008-08-15 Thread Kenneth Porter
I'm seeing strings of failed POP3 login attempts with obvious bogus usernames coming from different IP addresses. Today's originated from 216.31.146.19 (which resolves to neovisionlabs.com). This looks like a botnet attack. I got a similar probe a couple days ago. Is anyone else seeing these?