[ale] Being used in a DOS attack against others

Michael Hirsch mhirsch at nubridges.com
Thu Aug 8 09:48:25 EDT 2002


Someone has been using our mail server to amplify a DOS attack against
some other mail servers.  It works like this.  Then send a mail to
randomuser at nubridges.com with a return address of attackedcompany.com. 
Since random user does not exist we send a reply that the user does not
exit to attackedcompany's mail server.  So we flood their mail server.

I've never seen this attack before, though it seems quite simiple.  Is
this a well know DOS attack?  Has anyone else been experiencing this? 

It seems to have stopped this morning, but it was ongoing for the last
two days.

--Michael


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list