|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
SMTP probes
From: Rich Puhek (rpuhek
etnsystems.com)
Date: Fri Apr 04 2003 - 13:22:23 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Has anyone else noticed an upswing in port 25 probes over the last few days?
I'm seeing fairly large quantities of connections to port 25 (on the
order of one every several seconds) with no real SMTP transations
(logged by sendmail as "... did not issue MAIL/XPN/VRFY/ETRN during
connection to MTA")
Perhaps somethings probing for servers vulnerable to the recent sendmail
problems?
A quick look with ngrep seems to show that a typical connection doesn't
send any data, just connects to port 25 and goes away.
--Rich
_________________________________________________________
Rich Puhek
ETN Systems Inc.
2125 1st Ave East
Hibbing MN 55746
tel: 218.262.1130
email: rpuheketnsystems.com
_________________________________________________________
----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-incidents
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]