Echo
Brad Knowles
brad.knowles at skynet.be
Fri Aug 16 20:27:08 UTC 2002
At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote:
> Brad Knowles(brad.knowles at skynet.be)@2002.08.16 19:48:10 +0000:
>> What kinds of anti-abuse protection methods have people used for
>> "echo" accounts that they have set up?
>
> - scoreboard: one mail from one source addres in one minute time window
Yeah, but then abusers could easily generate elephantine
quantities of messages, simply by randomly generating return
addresses (if they wanted to DoS you or your network), or by randomly
generating the user portion of return addresses (if they wanted to
abuse you to DoS someone else). If they know that there are multiple
domains handled by the same servers, they could randomly generate
addresses within that set of domains.
> - gnupg: mail needs to be signed to fire a return mail. key of the
> signer must belong to the robot's gpg trust web.
Ooh, so in order to use the echo server, they have to send a PGP
signed message? Wow, that's pretty expensive. That sounds like a
really excellent way to DoS your server.
Thanks for sharing!
--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
More information about the NANOG
mailing list