> -----Original Message-----
> From: squirrelmail-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:squirrelmail-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Res
> Sent: Sunday, May 04, 2008 6:22 PM
> To: Squirrelmail User Support Mailing List
> Subject: Re: is this a spam
>
> On Sun, 4 May 2008, Marc Powell wrote:
>
> I have heard of similar issues recently on other lists, it's most likely
> the user accounts have been brute force guessed, too many users (idiots)

Plausible guess but that's easily detected. We've been able to find enough examples of the actual e-mails where 'compromised' accounts responded to the phish to be very certain that's what's happening.

> use such simple passwords, a few years ago when I worked for another

Well, only because they were permitted to.

> company that did wholesale internet to visps, I found one visp that had
> around 2K users, and of that I estimated about 1500 used "password" as
> the password, I know it was the clueless twits at the visp that set it
> up for them, but FFS.... and what's worse is the fact 1500 odd of em never
> bothered to change it from their members area!
> Although the visp spent 3 days fixing it all up once I discovered it
> and threatened to write a small perl script to connect to the DB and
> globally change every user's password with random crap causing a major
> headache for their support staff ;)

Sounds pretty childish and unethical in a number of ways. Thanks for sharing though.

> If your users' passwords are encrypted, write a small perl script to try
> login to each of their pop accounts with something stupid like password as
> password or their names or whatever, kind of a small limited brute force
> for simple passwords and kick the users buttocks who uses a simple one.

Thanks, I'll stick to requiring complex passwords from the get-go.

--
Marc
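
A check applied when a password is set, rejecting the weak choices named in the thread ("password", the user's own name), could look like the following. This is an added example, not code from either poster or from SquirrelMail; the function names, the sample denylist and the minimum length are assumptions.

```python
import re

# Constructed sample denylist; a real deployment would load a far larger one.
COMMON_PASSWORDS = {"password", "123456", "12345678", "qwerty", "letmein",
                    "welcome", "changeme", "secret"}
MIN_LENGTH = 10  # assumed policy value, not taken from the thread

# Undo common character substitutions so "P@ssw0rd" compares as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(text):
    """Lower-case, undo substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def password_problems(password, username, full_name=""):
    """Return the reasons to reject `password`; an empty list means accept."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = sum(bool(re.search(p, password))
                  for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    if classes < 3:
        problems.append("needs three of: lower, upper, digit, symbol")
    # Drop trailing digits/symbols ("password2008!") before comparing.
    core = normalize(re.sub(r"[\W\d_]+$", "", password))
    if core in COMMON_PASSWORDS or password.lower() in COMMON_PASSWORDS:
        problems.append("common password")
    # Reject passwords built around the account name or the user's own name.
    local = username.split("@")[0]
    tokens = [local] + re.split(r"[\s.\-_]+", local) + full_name.split()
    for token in {normalize(t) for t in tokens}:
        if len(token) >= 3 and token in core:
            problems.append("contains user or account name")
            break
    return problems
```

Calling `password_problems` from the account sign-up and password-change paths refuses such passwords before they are ever stored.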