Forums
New posts
New posts
Search forums
Market
Domains/Websites Wanted
.com Domain Market
gTLD Domain Market
ccTLD Domain Market
Web3 Domain Market
Third-Level Domain Market
Adult Domain Market
What's New
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Account Upgrade
Premium Members Directory
Log in
Register
What's New
calendar
Search
Search
Search titles only
By:
New posts
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.
Forums
Forum Community
Suggestions for Improvements
Spam To Dnf Account Emails
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="katherine" data-source="post: 2229686" data-attributes="member: 63835"><p>I have reviewed the logs and I found one failed attempt at SMTP authentication against our servers. The attack used a forwarder E-mail address that is only used at DNF and nowhere else. It was set up very recently.</p><p></p><p>Conclusion: No coincidence here, there has been a breach. This could be a flaw in the forum code.</p><p></p><p>Also, the pattern of the attack is apparently related to an SMTP auth brute force that has been going on for a long time.</p><p>The purpose of that kind of attack is usually to send spam exploiting your servers as an open relay.</p><p>While most of those attacks come from China, the offending IP address was Irish. But it is almost certain this is yet another zombie machine.</p></blockquote><p></p>
[QUOTE="katherine, post: 2229686, member: 63835"] I have reviewed the logs and I found one failed attempt at SMTP authentication against our servers. The attack used a forwarder E-mail address that is only used at DNF and nowhere else. It was set up very recently. Conclusion: No coincidence here, there has been a breach. This could be a flaw in the forum code. Also, the pattern of the attack is apparently related to an SMTP auth brute force that has been going on for a long time. The purpose of that kind of attack is usually to send spam exploiting your servers as an open relay. While most of those attacks come from China, the offending IP address was Irish. But it is almost certain this is yet another zombie machine. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Forum Community
Suggestions for Improvements
Spam To Dnf Account Emails
Top
Bottom