Just a quick question as my SMTP is getting hit with tons of bogus requests (1 or 2 per second)
Basically I need to know how to adapt this script to work with asps logs? http://forums.cpanel.net/f185/sustained-exim-attack-syntax-errors-mitigation -measures-338792.html#post1456572 in my assp logs all I see is Sep-04-13 20:29:12 82.152.113.229 got 'non printable hex data' from the client before the '220 ...' server greeting was sent - rejecting connection; Sep-04-13 20:29:12 82.152.113.229 All connections from IP 82.152.113.229 will be rejected by assp for the next 15-30 minutes.; In my exim_mainlog I see garbage like this 2013-09-05 09:41:38 SMTP connection from [127.0.0.1]:36558 I=[127.0.0.1]:125 (TCP/IP connection count = 7) 2013-09-05 09:41:38 SMTP syntax error in "L\314\277\2310\353\016\313\346\025\262\333k\034\271\350\241\300\323\364z\36 5Q\002Y\277\262\021'\275\340 \035\241\/s.\337:\207\375\302H@\225\327W\370\036\022i\265\3130tK\177\265\201 \260\323\3$ 2013-09-05 09:41:38 SMTP syntax error in "\303$\303\316L\233\005\371\224*\024/\305\223\226\267\275N\246Hs\261\264 \021\327\301\264\341;\3179\030&$E\252\325t\242\307\223\002\345L\025\be\177\0 33\236\371\233/\254\370\347\224\272.$ 2013-09-05 09:41:38 SMTP syntax error in "\034R\237\026\255\267g%\362 \032\254\216\204yB\\357\304O\366\301\252\m[@kL%\241zh\364\204\210)\371\266\2 25\251\377i\242n\375\227\261\367\216-\353 \304*\371\324bC\006G\003\335\022Ze\243"\353\$ 2013-09-05 09:41:38 SMTP connection from [127.0.0.1]:36558 I=[127.0.0.1]:125 lost Does anyone know how to solve this issue? My DC admins suggested enabling synflood in csf anyone think that would help instead? Thanks! John ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
