Saturday, July 05, 2008

Directory Harvest Attacks

To me, the mention of DHA sounds like it came out of a milk powder commercial ... "DHA is good for your baby's mental and physical development ..." until I was enlightened by an IT veteran who had been in the business even before infant formula were marketed with DHA and Omega 3 (remember the KLIM and Dumex days??).

Anyway, I did get my fair servings of DHA (Docosahexaenoic acid) as a child. I've been taking quite a lot of Scott's Emulsion (made of cod liver oil, and fish oils are supposedly rich in DHA and Omega 3).
The Scott's brand is a cod liver oil range of emulsions rich in natural sources of vitamin A and D, calcium, phosphorus and omega 3. The emulsion helps build up the body's natural resistance to infections and develop strong bones and teeth.
Cod liver oil is a nutritional supplement derived from liver of cod fish. It has high levels of the omega-3 fatty acids, EPA and DHA, and very high levels of vitamin A, and vitamin D. It is widely taken to ease the symptoms of arthritis as well as other health benefits. It was once commonly given to children.
Anyway. back to the topic: DHA stands for Directory Harvest Attack.
The more recent trend for harvesting email addresses is the DHA (Directory Harvest Attack). ... The SMTP protocol has a special command VRFY which was designed to help the senders whether the username exists before attempting to send an email - Stason.Org
The success of a directory harvest attack relies on the recipient e-mail server rejecting e-mail sent to invalid recipient e-mail addresses during the Simple Mail Transport Protocol (SMTP) session. Wikipedia
Enterprise e-mail security vendor Postini reports that DHAs increased by 250 percent in 2003 and now account for as much as one-quarter of the requests that some SMTP (Simple Mail Transfer Protocol) servers process each day. - PCMag
Q: What is a DIRECTORY HARVEST attack?
A: Spammers probe SMTP mail servers on the Internet in an attempt to discover valid addresses at a domain. They set their computers to try sending email to different addresses using a dictionary of common first name and last name combinations. Since companies sometimes use a standardized name format as the first portion of an email address (before the @domain) these harvesting attempts may succeed.- CMS FAQ
I'll get straight to the point. An alert reader would have by now guess that I am driving home a point about the relationship between DHA and SMTP.

I was told by our vet., that IMAP was disabled due to security concerns because IMAP is susceptible to DHA. Yes, there is no typo, there is no mistake, and I am completely sober and awake (even though it may be 3am in the morning right now). Try as I might, I cannot find any literature linking IMAP to DHA.

Please, somebody ... prove me wrong!

Who are the people running your company's IT operations? Or rather, what kind of people are they? *SHUDDER*

Talk about believing the traditional establishment sanctioned media. BAH! Pigs can fly.

No comments: