Increased activity on port 110 Feb 26 2007 10:20AM
joakim berge gmail com (1 replies)
Re: Increased activity on port 110 Feb 26 2007 05:10PM
vtlists wyae de
joakim.berge (at) gmail (dot) com [email concealed] writes:
> There has been a big increase in pop3 activity 25 Feb. Any idea what it is? New worm?

Define "activity": connects or real POP3? Better check with the POP3-Server or AUTH-Logs.

Check that there is no POP3 bruteforce attack running. Usually that is to
find accounts which then could be abused for mail relaying.



This list sponsored by: SPI Dynamics

ALERT: "How a Hacker Launches a SQL Injection Attack!"-
SPI Dynamics White Paper
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
Firewalls and IDS will not stop such attacks because SQL Injections are
NOT seen as intruders. Download this *FREE* white paper from SPI Dynamics
for a complete guide to protection!

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus