Intro to Email Bomb
In Internet usage, an
email bomb is a form
of net abuse consisting
of sending huge
volumes ofemail to an
address in an attempt
to overflow the mailbox
or overwhelm the
server where the email
address is hosted in a
denial-of-service attack.
Methods of email
bombing
There are two methods
of perpetrating an email
bomb: mass mailing and
list linking.
Mass mailing
Mass mailing consists
of sending numerous
duplicate mails to the
sameemail address.
These types of mail
bombs are simple to
design but their
extreme simplicity
means they can be
easily detected by
spam filters. Email-
bombing using mass
mailing is also
commonly performed
as aDDoS attack by
employing the use of
"zombie"botnets;
hierarchical networks of
computers
compromised by
malware and under the
attacker's control.
Similar to their use in
spamming, the attacker
instructs the botnet to
send out millions or
even billions of emails,
but unlike normal
botnet spamming, the
emails are all addressed
to only one or a few
addresses the attacker
wishes to flood. This
form of email bombing
is similar in purpose to
otherDDoS flooding
attacks. As the targets
are frequently the
dedicated hosts
handling website and
email accounts of a
business, this type of
attack can be just as
devastating to both
services of the host.
This type of attack is
more difficult to defend
against than a simple
mass-mailing bomb
because of the multiple
source addresses and
the possibility of each
zombie computer
sending a different
message or employing
stealth techniques to
defeat spam filters.
List linking
List linking means
signing a particular email
address up to several
email list subscriptions.
The victim then has to
unsubscribe from these
unwanted services
manually. In order to
prevent this type of
bombing, most email
subscription services
send a confirmation
email to a person's
inbox when that email
is used to register for a
subscription. This
method of prevention is
easily circumvented: if
the perpetrator
registers a new email
account and sets it to
automatically forward
all mail to the victim, he
or she can reply to the
confirmation emails,
and the list linking can
proceed.
Zip bombing
A ZIP bomb is a variant
of mail-bombing. After
most commercial mail
servers began checking
mail withanti-virus
software and filtering
certain malicious file
types,EXE, RAR, Zip, 7-
Zip, mail server
software was then
configured to unpack
archives and check their
contents as well. A new
idea to combat this
solution was composing
a "bomb" consisting of
an enormous text file,
containing, for example,
only the letter z
repeating millions of
times. Such a file
compresses into a
relatively small archive,
but its unpacking
(especially by early
versions of mail
servers) would use a
greater amount of
processing, which could
result in aDoS (Denial of
Service).
email bomb is a form
of net abuse consisting
of sending huge
volumes ofemail to an
address in an attempt
to overflow the mailbox
or overwhelm the
server where the email
address is hosted in a
denial-of-service attack.
Methods of email
bombing
There are two methods
of perpetrating an email
bomb: mass mailing and
list linking.
Mass mailing
Mass mailing consists
of sending numerous
duplicate mails to the
sameemail address.
These types of mail
bombs are simple to
design but their
extreme simplicity
means they can be
easily detected by
spam filters. Email-
bombing using mass
mailing is also
commonly performed
as aDDoS attack by
employing the use of
"zombie"botnets;
hierarchical networks of
computers
compromised by
malware and under the
attacker's control.
Similar to their use in
spamming, the attacker
instructs the botnet to
send out millions or
even billions of emails,
but unlike normal
botnet spamming, the
emails are all addressed
to only one or a few
addresses the attacker
wishes to flood. This
form of email bombing
is similar in purpose to
otherDDoS flooding
attacks. As the targets
are frequently the
dedicated hosts
handling website and
email accounts of a
business, this type of
attack can be just as
devastating to both
services of the host.
This type of attack is
more difficult to defend
against than a simple
mass-mailing bomb
because of the multiple
source addresses and
the possibility of each
zombie computer
sending a different
message or employing
stealth techniques to
defeat spam filters.
List linking
List linking means
signing a particular email
address up to several
email list subscriptions.
The victim then has to
unsubscribe from these
unwanted services
manually. In order to
prevent this type of
bombing, most email
subscription services
send a confirmation
email to a person's
inbox when that email
is used to register for a
subscription. This
method of prevention is
easily circumvented: if
the perpetrator
registers a new email
account and sets it to
automatically forward
all mail to the victim, he
or she can reply to the
confirmation emails,
and the list linking can
proceed.
Zip bombing
A ZIP bomb is a variant
of mail-bombing. After
most commercial mail
servers began checking
mail withanti-virus
software and filtering
certain malicious file
types,EXE, RAR, Zip, 7-
Zip, mail server
software was then
configured to unpack
archives and check their
contents as well. A new
idea to combat this
solution was composing
a "bomb" consisting of
an enormous text file,
containing, for example,
only the letter z
repeating millions of
times. Such a file
compresses into a
relatively small archive,
but its unpacking
(especially by early
versions of mail
servers) would use a
greater amount of
processing, which could
result in aDoS (Denial of
Service).
CopyRights: Please Stop Stealing contents from our site i.e xedlgubaid.blogspot.com . I am working hard to create an article, you simply copying? Please respect our hard work. Atleast place backlink to our site & give credit to our blog/author. Hope you will understand our feelings.
This comment has been removed by a blog administrator.
ReplyDelete