Actually, I really don't think that this looks like a brute force password attack. The log clearly shows a dictionary-style attack of hundreds of "legitimate-looking" user names -- not repeated attempts to hack any particular account. Furthermore, the attack primarily targeted one domain, but not exclusively. Other hosted domains that have no ties to one another were hit in this attack as well. I make no claims of expertise in this area, but this certainly seems like a pure DOS attack to me.
I don't know if this was some sort of a proof of concept test, a random targeting, or a shot over the bow -- maybe all of the above, but I think it's certainly the latter. What happens when some trojan is written to launch a myriad of attacks from thousands of zombies? How many mail servers would be able to withstand a full-scale attack of this nature? Could this not seriously (and easily) cripple communications on a massive scale? Someone, please, just tell me I should relax. Archer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Doherty Sent: Tuesday, August 15, 2006 9:28 PM To: [email protected] Subject: Re: [IMail Forum] POP3 Security / DOS Attack Hi Len- > brute force password attacks on POP accounts is something I haven't > heard of. Unless I completely misread the original post, that is exactly what Archer was reporting at the head of this thread. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
