brute force/dictionary attacks

To: netbsd-users%netbsd.org@localhost
Subject: brute force/dictionary attacks
From: Al - Image Hosting Services <azick%zickswebventures.com@localhost>
Date: Mon, 26 Sep 2011 11:30:07 -0500 (CDT)

Hi,

I am running NetBSd 4 with UW ipop3d. Anyway, I am getting more and morebrute force attacks with pop. What happens is that after inetd reachesthe set limit of connections it stops all pop3 requests, so the pop serveris effectively down. I put the IP address in hosts.deny, but inetd stillreached its limit and stopped taking requests for pop. I then raised thelimit of connections to 999. This created a new issue and although theserver continued to answer pop requests its cpu was 0% idle.

Does anyone know if there is a way to hold the connection open with thepop3 client much like is done with smtp (tar pit) or if I could limit thenumber of SYN packets? I would like to do something to slow them down.Maybe someone has a better suggestion on how to deal with this kind ofattack.


Thanks,
Al

Follow-Ups:
- Re: brute force/dictionary attacks
  - From: Matthias Scheler
- Re: brute force/dictionary attacks
  - From: Greg A. Woods

Prev by Date: Re:
Next by Date: kernel headers ??
Previous by Thread: [RELEASE] kerTeX: AMS fonts added.
Next by Thread: Re: brute force/dictionary attacks
Indexes:

Home | Main Index | Thread Index | Old Index