Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: SMTP over HTTP traffic, looks fishy.
From: tcp fin <inet_inaddr () yahoo com>
Date: Mon, 10 Jul 2006 21:10:59 -0700 (PDT)

Also make sure that u have high alert on SMTP and HTTP
server and make sure that u scan the logs for
"<scripts>" in URL for HTTP or some other anomalies on
the SMTP like long from Address or Attachement with
the ZIP files having the Endof File pointing to the
begining of the ZIP file and creating a vicious loop
for the SMTP server and crashing it eventually. 
Also if need be Black list the IP address on the IPF
from where u are getting this noise may be putting the
ACL on the Gateway Router make more sense as well
rather than feeling ur log servers . 
Regards, 
TCP-FIN

--- Devdas Bhagat <devdas () dvb homelinux org> wrote:

On 03/07/06 09:12 -0400, killy wrote:
Over the last several days, we have seen a
significant increase in the
attempts to tunnel SMTP through HTTP. Most of
these attacks have come
out of China in the past.

Spam via open proxies. As long as you aren't
relaying for them, just
ignore the noise.

Devdas Bhagat


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only
one to win the Analyst's 
Choice Award from eWeek. As attacks through web
applications continue to rise, 
you need to proactively protect your applications
from hackers. Cenzic has the 
most comprehensive solutions to meet your
application security penetration 
testing and vulnerability management needs. You have
an option to go with a 
managed service (Cenzic ClickToSecure) or an
enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how
a managed service can 
help you:
http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit
for you to confirm your 
results from other product. Contact us at
request () cenzic com for details.

------------------------------------------------------------------------------




__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault