[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Possible attack method?? Question..
Am Freitag, den 11.01.2008, 09:44 -0800 schrieb Anon Mus:
> This question is for those with the knowhow.
> A while back I got a number of emails from the same source where the
> emails were sent in "pairs" a minute or less apart.
> The first of each of the "email pair" were large (over 700characters),
> the second were small (under 50 characters). On the face of it the
> "email pairs" appeared to be a genuine error ("oh yes I forgot to
> mention" kind of thing) by the sender, so I took no notice at the time.
Perhaps someone isn't looking for an unknown IP-address, but just want
to prove that the owner if a given IP-address is the owner of the
Mailbox "green lantern at yahoo".
If this one is able to do a traffic analysis on this IP-address and
knows the login time at the pop/imap-Server of yahoo, a well defined
pattern of mail sizes could help.
But in this case I think it's not useful for him, to send these mails in
such short intervals, because you would fetch both mails at one login
and in one stream of data...