ietf-smtp
[Top] [All Lists]

Re: Abort data transfer?

2009-10-21 18:38:58

P.S. Another attack we're seen in the field a couple of times is the "send one byte every few seconds and keep lots of connections open" one. In fact if our experience is representative (I have no idea if it is or not) this is actually more of a concern.

That I can believe. The infamous Ron Guilmette had an amazing tarpit MTA about a decade ago that used that technique to keep 4000 simultaneous connections open, running on a 486. But since the rise of botnets, tarpitting lost whatever effectiveness it might have had, so I don't know of anyone still doing it.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.

<Prev in Thread] Current Thread [Next in Thread>