|
Security Incidents
mailing list archives
Mail Server attack
From: joel () DIGGY COM AU (Joel Michael)
Date: Wed, 8 Mar 2000 08:14:37 +1100
hi all
(this is my first post, so please turn down the flame level a bit ;)
We had an attack on our mail server. It seems as though someone sent
literally tens of thousands of emails at our server with random (as in,
random character generator) to: addresses. This actually managed to
crash our server with the overhead of looking up all those thousands of
non-existant addresses. Has anyone else seen something like this (maybe
with a little less disasterous side-affects)? As a stop-gap measure, we
have blacklisted the IP address that the attack came from (a cable modem
user on the RoadRunner network in Houston, Texas, USA). Anyone got any
ideas about how to permanently stop this kind of attack? Any thoughts,
comments, etc appreciated :)
---
Joel Michael
System Administrator
Diggy Internet Services
90 Petrie Terrace
Brisbane Qld 4000
Australia
Ph: +61 7 3367 3555
Fax: +61 7 3367 3544
Mob: 0401 039 462
 By Date 
By Thread
Current thread:
- Re: Cracked; rootkit - entrapment question?, (continued)
Re: Cracked; rootkit - entrapment question? Lison, Nathan (Mar 02)
|
Intro
