Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Funny smtp helo in the logs

from [Kenneth Ng] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Funny smtp helo in the logs
Date: Sun, 30 Oct 2005 23:38:33 -0400 
Well, spammers are taking advantage of the old "be liberal in what you
accept" coding motif.

On 10/30/05, Valdis.Kletnieks@vt.edu <Valdis.Kletnieks@vt.edu> wrote:


On Sun, 30 Oct 2005 12:39:52 +0530, Aditya Deshmukh said:


124 09/10/2005 09:54:35 HELO -1209283632 ---> 250 my.smtp.domain.server


I'm not sure which is sadder, that the spamware is totally untested and
buggy,
or that so many sites will accept this syntactically invalid HELO command
that
the spammers weren't forced to fix their code.....

And yes, it looks like somebody did an 'sprintf("HELO %d",my_ip_addr);'
without bothering to check what that produced....


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Funny smtp helo in the logs, Valdis . Kletnieks
Next by Date:  Re: [Full-disclosure] Funny smtp helo in the logs, Bill Weiss
Previous by Thread:  Re: [Full-disclosure] Funny smtp helo in the logs, Valdis . Kletnieks
Next by Thread:  Re: [Full-disclosure] Funny smtp helo in the logs, Bill Weiss
Indexes:  [Date] [Thread] [Top] [All Lists]