[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Possible attack method?? Question..

Am Freitag, den 11.01.2008, 09:44 -0800 schrieb Anon Mus:
> This question is for those with the knowhow.
> A while back I got a number of emails from the same source where the 
> emails were sent in "pairs" a minute or less apart.
> The first of each of the "email pair" were large (over 700characters), 
> the second were small (under 50 characters). On the face of it the 
> "email pairs"  appeared to be a genuine error ("oh yes I forgot to 
> mention" kind of thing) by the sender, so I took no notice at the time.

Perhaps someone isn't looking for an unknown IP-address, but just want
to prove that the owner if a given IP-address is the owner of the
Mailbox "green lantern at yahoo". 

If this one is able to do a traffic analysis on this IP-address and
knows the login time at the pop/imap-Server of yahoo, a well defined
pattern of mail sizes could help. 

But in this case I think it's not useful for him, to send these mails in
such short intervals, because you would fetch both mails at one login
and in one stream of data...