----- Original Message ----
> From: Ralf Hildebrandt <ralf.hildebra...@charite.de> > To: postfix-users@postfix.org > Sent: Wed, July 21, 2010 5:00:16 AM > Subject: Is such an SSL attack possible against Postfix? > > http://blog.fefe.de/?ts=b2b8f9f8 > sorry, it's in german. I'll translate some bits: > > Sombody went to Torrent trackers and announced blog.fefe.de:443 as > Torrent client (for a really popular download I guess). > > Thus, blog.fefe.de:443 got flooded with torrent-client traffic on the > SSL port. > > Port 25 outgoing will be blocked by most ISPs, but let's assume that's > not done by all IPS. It would work with the submission port! > All, In my opinion the port really doesn't matter. If the IP is up and fully operational and you send enough traffic to it then yes a DDoS is going to happen. If the port isn't open it will just say connection refused, but get enough traffic to saturate that bandwidth to the server, and the link will go down. So in this instance you would only be able to protect yourself via TCP and UDP Flood Protection on your IDS and HIPS systems or other firewall tools. Thanks, Daniel Reinhardt Website: www.cryptodan.com Email: crypto...@yahoo.com
