Spam Links
HomeInfoFilterPreventTrackToolsMore
Spam Links > Prevent > Secure > DHA
  spamlinks.net/prevent-secure-dha.htm
AboutSearchSitemapContactBlog

Directory Harvest Attacks

Directory Harvest Attacks (DHAs), sometimes called Dictionary Attacks, are carried out by spammers against mail servers. Various combinations of username are tried - a@example.com, b@example.com; if the server responds differently for a valid or invalid user, a list of valid users can be built up.

Various mail servers now have inbuilt protection against DHAs, and filtering gateways and managed services are available that can help.

Understanding Directory Harvest Attacks - www.pcmag.com/article2/0,1759,1543581,00.asp
What are Directory Harvest Attacks? - www.postini.com/services/what_are_dhas.html - see “Directory Harvest Attacks” at Postini Email Stat Track
Dictionary Attacks - mail.cotse.net/dictionary_attacks.html
Spammers Grab MSN Hotmail addresses - www.spamhaus.org/news.lasso?article=6

Application Harvesting Advisories Vulnerability Reference
Communigate Communigate email verification email harvesting CVE-2000-1002
BID-1792
XFDB-5363
Majordomo Majordomo which_access variable set to “open” could disclose email addresses BID-6761
XFDB-11243
Netscape Messaging Netscape Messaging email verification email harvesting CVE-2000-0960
BID-1787
XFDB-5364
NTMail NTMail does not disable the VRFY command CVE-1999-0819
BID-0856
XFDB-3719

Related

Top Index

AboutSearchSitemapContactBlog
everything you didn't want to have to know about spam

Hosted by spam.abuse.net, with help from Neil Schwartzman. Domain registration by Gregg DesElms. Logo by Art101.
Spam Links Home Creative Commons License
This work is licensed under a Creative Commons License. SPAM is a trademark of Hormel Foods.
Page last updated: 17-Oct-2009