Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Fishing for open relays

Fishing for open relays

From: John Pettitt <jpp_at_CLOUDVIEW.COM>
Date: Tue, 31 Oct 2000 17:42:40 -0600

Anybody else been seeing this? I've been getting a lot of "relay tests" of
late some look legit (AOL seems to be scanning for open relays) and some
like this one look bogus (why would joymail.com use a pac-bell DSL account?)

John

>Date: Tue, 31 Oct 2000 15:35:09 -0800 (PST)
>Subject: Postfix SMTP server: errors from
>adsl-216-102-218-162.dsl.snfc21.pacbell.net[216.102.218.162]
>
>Transcript of session follows.
>
> Out: 220 gatekeeper.cloudview.com ESMTP Postfix
> In: HELO Scanner
> Out: 250 gatekeeper.cloudview.com
> In: MAIL FROM: abusecheck_at_joymail.com
> Out: 250 Ok
> In: RCPT TO: mailservers_at_joymail.com
> Out: 554 <mailservers_at_joymail.com>: Recipient address rejected: Relay access
> denied
>
>Session aborted, reason: lost connection

John Pettitt Email: jpp_at_cloudview.com

To the optimist, the glass is half full.
To the pessimist, the glass is half empty.
To the engineer, the glass is twice as big as it needs to be.
To the plumber, any liquid in the glass is potential income.

PGP keys on MIT & pgp.com servers.
Fingerprint: 81B5 446D 3E0E 1CDE 5A45 644A A744 54C4 7886 3658
Received on Nov 02 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos