Robot attack testing


Robot attack testing

lists@lazygranch.com
https://robotattack.org
These tests appear to be aimed at website testing.  Any ideas how to test a mail server for the robot attack?




Re: Robot attack testing

Viktor Dukhovni


> On Dec 12, 2017, at 6:43 PM, Gary <[hidden email]> wrote:
>
> https://robotattack.org
> These tests appear to be aimed at website testing.  Any ideas how to test a mail server for the robot attack?

Nothing at my fingertips.  Note that Postfix TLS support is based on OpenSSL,
and OpenSSL is not vulnerable to the attacks in question.

--
        Viktor.


Re: Robot attack testing

lists@lazygranch.com

Well then that settles that. The press reports made a muddle of this. Thanks.


  Original Message  
From: [hidden email]
Sent: December 12, 2017 3:54 PM
To: [hidden email]
Reply-to: [hidden email]
Subject: Re: Robot attack testing



> On Dec 12, 2017, at 6:43 PM, Gary <[hidden email]> wrote:
>
> https://robotattack.org
> These tests appear to be aimed at website testing.  Any ideas how to test a mail server for the robot attack?

Nothing at my fingertips.  Note that Postfix TLS support is based on OpenSSL,
and OpenSSL is not vulnerable to the attacks in question.

--
Viktor.


Re: Robot attack testing

Bill Cole-3
In reply to this post by lists@lazygranch.com
On 12 Dec 2017, at 18:43 (-0500), Gary wrote:

> https://robotattack.org
> These tests appear to be aimed at website testing.  Any ideas how to
> test a mail server for the robot attack?

In addition to the fact that (non-antique) OpenSSL is not vulnerable to
the attack, the way it works would be difficult to use against any
post-connection TLS initiation (i.e. STARTTLS for SMTP & IMAP4, STLS for
POP3) because it would generate substantial log noise, which it would
not for HTTPS (or probably for "wrappermode" SMTPS.) If you log deeply
enough to see the attack, it gets lost in the background noise.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
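
The log noise mentioned in the last reply can be measured. The following is an added example, not part of the thread and not Postfix code: it counts failed server-side TLS handshakes per client from Postfix smtpd "SSL_accept error from" lines and reports clients that reach a threshold within a sliding window. The threshold, window, year and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Postfix smtpd logs a failed server-side TLS handshake as
# "SSL_accept error from <name>[<ip>]: <code>".
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/\S*smtpd\[\d+\]: "
    r"SSL_accept error from \S*\[([0-9a-fA-F.:]+)\]"
)

def noisy_clients(lines, threshold=20, window=timedelta(minutes=5), year=2017):
    """Return {ip: peak_count} for clients whose failed handshakes inside
    any sliding window reach the threshold (assumed values, tune locally)."""
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    peak = defaultdict(int)       # highest in-window count seen per client
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue
        # Classic syslog timestamps carry no year, so one is supplied.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

def sample_log():
    """Constructed log: one client failing 30 handshakes within a minute,
    another failing twice an hour apart, and one ordinary connect line."""
    base = datetime(2017, 12, 12, 18, 43, 0)
    fmt = "{} mail postfix/smtpd[2345]: SSL_accept error from unknown[{}]: -1"
    lines = []
    for i in range(30):
        stamp = (base + timedelta(seconds=2 * i)).strftime("%b %d %H:%M:%S")
        lines.append(fmt.format(stamp, "203.0.113.7"))
    lines.append(fmt.format("Dec 12 17:00:00", "198.51.100.9"))
    lines.append(fmt.format("Dec 12 18:00:00", "198.51.100.9"))
    lines.append("Dec 12 18:44:10 mail postfix/smtpd[2346]: connect from unknown[192.0.2.5]")
    return lines

if __name__ == "__main__":
    print(noisy_clients(sample_log()))
```

A burst of failures is not specific to any one attack; misconfigured clients and scanners produce the same lines, so a flagged address is a starting point for review.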