Network Security Focus-Linux

Re: spambots and dictionary attacks

Subject: Re: spambots and dictionary attacks
Date: Fri, 17 Nov 2006 19:51:32 +0100

On 17-nov-2006, at 17:02, rowland onobrauche wrote:


I would like to hear from anyone that has successfully blocked spambots or dictionary attacks without the need of another server in between your mailserver and the senders. The mailserver on my end is exim and it is actually a virtual server, so I cannot really edit the exim.conf file, but have access to access, virtusertable, trustedusers and sendmail.cw.

One way to block about 90% or more of the attempts made by botnets
is to prevent them from mailing you by logging wrongly used HELOs on the MTA.


I am running a script on my mail logs daily that logs every attempt and
stores it, in this situation, in the Spamikaze database.


http://spamikaze.is-a-geek.org/~hans/prevent.pl

If the storeip subroutine were altered, you could also log it to a file in a
format that Exim uses to block IP numbers. There is one in the current
Spamikaze instance, AFAIK.


http://spamikaze.org/

Best regards,

Hans
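
The log-scanning approach described in the message above, as an added example that is not part of the original post and is not the prevent.pl script: it reads mail log lines, flags clients whose HELO name is misused, and renders their addresses one per line for a plain-text block file. The log line shape, the three "misused HELO" rules, the server identity in `OWN_NAMES` and `OWN_IPS`, and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# Assumption: the peer is logged as "H=(helo) [ip]" or "H=rdns (helo) [ip]",
# in the style of an Exim main log. Adjust the pattern to your own logs.
PEER = re.compile(r"H=(?:\S+ )?\((?P<helo>[^)]*)\) \[(?P<ip>[0-9A-Fa-f.:]+)\]")
# Hypothetical identity of the receiving server; replace with your own.
OWN_NAMES = {"mail.example.org", "example.org"}
OWN_IPS = {"192.0.2.25"}
# Constructed sample lines (documentation addresses), not real traffic.
SAMPLE_LOG = [
    "2006-11-17 19:40:01 H=(mail.example.org) [198.51.100.7] rejected EHLO or HELO mail.example.org",
    "2006-11-17 19:40:09 H=(198.51.100.44) [198.51.100.44] F=<a@example.net> rejected RCPT <x@example.org>",
    "2006-11-17 19:41:12 1GlABC-0001aB-2c <= bob@example.net H=mx.example.net (mx.example.net) [203.0.113.5] P=esmtp S=1024",
    "2006-11-17 19:42:30 H=(localhost) [198.51.100.7] F=<> rejected RCPT <y@example.org>",
    "2006-11-17 19:43:02 H=([203.0.113.9]) [203.0.113.9] F=<c@example.net> rejected RCPT <z@example.org>",
]


def helo_problem(helo):
    """Return why a HELO name counts as misused, or None if it is plausible."""
    name = helo.strip().lower().rstrip(".")
    if name in OWN_NAMES or name.strip("[]") in OWN_IPS:
        return "claims to be us"
    try:
        ipaddress.ip_address(name)
        return "bare IP address"  # an address literal must be bracketed
    except ValueError:
        pass
    if name.startswith("[") and name.endswith("]"):
        return None  # bracketed address literal is acceptable
    return None if "." in name else "not a fully qualified name"


def scan(lines, threshold=1):
    """Map each client IP with >= threshold misused HELOs to its reasons."""
    seen = {}
    for line in lines:
        m = PEER.search(line)
        why = helo_problem(m.group("helo")) if m else None
        if why:
            seen.setdefault(m.group("ip"), []).append(why)
    return {ip: sorted(set(r)) for ip, r in seen.items() if len(r) >= threshold}


def blocklist(offenders):
    """One IP per line: a plain-text list that an MTA host list can read."""
    return "".join(ip + "\n" for ip in sorted(offenders))
```

Raising `threshold` keeps a single misconfigured but legitimate sender from being listed after one bad greeting.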
