[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] POP3 - Denial of Service Attack
David Huecking schrieb:
I use qpopper pop3-daemon, because it has some more
authentificationmethodes and is more reliable.
Maybe use the Courier-Imap package?! The performance is much better.
...but how is this security related? :-)
On Montag 20 September 2004 15:56, Pablo Ronco wrote:
I suffered an attack to my POP3 Daemon, I'm using imap-2001a-38 as
imap and pop3 daemon. It seems that an attacker sent lots of pop3 request
causing the daemon to crash. I could not find any workaround except
filtering pop3 request from outside.
Is this problem reported anywhere, what can I do?
If you want to filter, there is an iptables option for xx packets/time
maybe that helps.
No debate on security relation, but this may be a brute-force hack of
your pop-daemon (not a DoS even if your daemon crashes). This is sort of
script-kiddie. Run TCP-dump on pop3-port and look what he's doing or
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here