Re: SMTP over HTTP traffic, looks fishy.

From: tcp fin (inet_inaddr@yahoo.com)
Date: Tue Jul 11 2006 - 00:10:59 EDT


Also make sure that you have high alert on the SMTP and HTTP
servers, and make sure that you scan the logs for
"<scripts>" in the URL for HTTP, or some other anomalies on
the SMTP side, like a long From address or an attachment with
ZIP files having the end of file pointing to the
beginning of the ZIP file and creating a vicious loop
for the SMTP server and crashing it eventually.
Also, if need be, blacklist the IP address on the IPF
from where you are getting this noise. Maybe putting the
ACL on the gateway router makes more sense as well,
rather than filling your log servers.
Regards,
TCP-FIN

--- Devdas Bhagat <devdas@dvb.homelinux.org> wrote:

> On 03/07/06 09:12 -0400, killy wrote:
> > Over the last several days, we have seen a significant increase in the
> > attempts to tunnel SMTP through HTTP. Most of these attacks have come
> > out of China in the past.
> >
> Spam via open proxies. As long as you aren't relaying for them, just
> ignore the noise.
>
> Devdas Bhagat


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
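
A sketch of the log scan discussed in this thread, added here as an example and not code from any of the posters: it flags proxy-style HTTP requests aimed at SMTP ports and script tags in URLs, and separates refused tunnel attempts from ones the server actually relayed. The Apache combined log format, the port list, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache combined log format (not from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jul/2006:23:01:12 -0400] "CONNECT mx.example.net:25 HTTP/1.0" 405 312 "-" "-"
203.0.113.7 - - [10/Jul/2006:23:01:15 -0400] "POST http://mx.example.net:25/ HTTP/1.1" 403 289 "-" "-"
198.51.100.22 - - [10/Jul/2006:23:02:40 -0400] "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
192.0.2.14 - - [10/Jul/2006:23:03:02 -0400] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/4.0"
198.51.100.9 - - [10/Jul/2006:23:04:55 -0400] "CONNECT mail.example.org:25 HTTP/1.1" 200 0 "-" "-"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')
SMTP_PORTS = {"25", "465", "587"}          # assumed list of mail ports
SCRIPT_RE = re.compile(r"<\s*script", re.IGNORECASE)
ABS_URI_RE = re.compile(r"^[a-z][a-z0-9+.-]*://[^/:]+:(\d+)", re.IGNORECASE)


def target_port(method, target):
    """Port a proxy-style request asks the web server to reach, or None."""
    if method == "CONNECT":                # CONNECT host:port
        m = re.search(r":(\d+)$", target)
    else:                                  # absolute URI, e.g. http://host:25/
        m = ABS_URI_RE.match(target)
    return m.group(1) if m else None


def classify(line):
    """Return (source_ip, finding) for a suspicious line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, method, target, status = m.group("ip", "method", "target", "status")
    if target_port(method, target) in SMTP_PORTS:
        # A 2xx answer means the server carried the connection: an open proxy.
        relayed = status.startswith("2")
        return (ip, "smtp-tunnel-relayed" if relayed else "smtp-tunnel-refused")
    # Decode twice so double-encoded tags (%253Cscript) are also seen.
    if SCRIPT_RE.search(unquote(unquote(target))):
        return (ip, "script-in-url")
    return None


def scan(text):
    return [f for f in map(classify, text.splitlines()) if f]


def relayed_sources(text):
    """Source IPs whose tunnel attempts succeeded; these need action first."""
    return {ip for ip, kind in scan(text) if kind == "smtp-tunnel-relayed"}
```

Refused attempts are the noise that can be ignored or dropped at the router; any entry from `relayed_sources` means the web server is acting as an open proxy and its configuration needs fixing.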



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:14 EDT