RE: [IMail Forum] DoS and imail

Thu, 06 Apr 2000 01:17:54 -0700 

I do have SP6a installed on my server, I have also followed many MS
recommendation for security. (tips welcome :)

When I use the same program on IIS on port 80, the CPU does go up a little,
but memory usage does not change and IIS does not crash.

Imail seems to be super sensitive to these attacks!

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Ted Galerneau
Sent: Thursday, April 06, 2000 1:33 AM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] DoS and imail


Do you have your NT server setup with the latest patch to protect it from
these attacks? Try running the same attack against your server port 80,
assuming it is up and functional as a web server. If it still causes
problems then you can safely assume that is NT specific On the other hand,
if these attempts don't cause a problem, you can safely assume there is a
problem with the Imail software.

I would be really curious about what you find. I am testing Imail myself
right now, trying to access whether or not it would be a good choice for our
growing web business. IMail seems to be a really good program so far, but
this is not something I have tested.

Ted Galerneau,
Ironwood Express Web Services
Email [EMAIL PROTECTED]
(206) 444-4912
(800) 559-3424

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Omar K.
Sent: Thursday, April 06, 2000 12:01 AM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] DoS and imail

I just recently bought Imai 6.03 and im running it on NT4 server SP6a, and
like every product I install on the server, I wanted to test it against
Denial of Service attacks.

I used a utility called "port F***" which available right here :
http://link.box.sk/link.php3?rid=15263&url=http%3A%2F%2Fnewdata.box.sk%2Fnew
order%2Fnukes%2Fportfuck.zip

I made the program send SYN and connect/disconnect packets to the SMTP and
POP ports, and the results are: Both services crash (will restart if you
have them set this way) and the CPU usage goes to 100%.  Results are even
more devistating if you start more than one session of the program.

is IPswitch aware of this problem? What do you suggest to minimize this
threat?

Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.

Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.

Please visit http://www.ipswitch.com/support/mailing-lists.html 
to be removed from this list.

Reply via email to