Loading ...
Sorry, an error occurred while loading the content.

295901Re: Temporarily block domain.tld from sending?

Expand Messages
  • Robert L Mathews
    Oct 10, 2013
    • 0 Attachment
      On 10/8/13 5:15 PM, lists@... wrote:

      > I'm still perplexed with access: the user claims no one else had ftp
      > password, ftp password was a random 8-char alpha/numeric string,
      > can there be any other reason that leaked password...?

      There are several Windows PC viruses, including the common "Gumblar"
      family, that steal saved FTP passwords from files on the computer.

      They simply have a list of file locations where various FTP clients such
      as FileZilla and Dreamweaver store saved passwords. They scan all these
      locations and send any results back to a central server.

      Some of these viruses also incorporate network sniffing to detect FTP
      passwords.

      So even if the password was random and used only on a single computer,
      it may have been obtained by evildoers if the user checked a "remember
      this password" option or ever connected to a non-TLS FTP server. The
      user should scan any computer that ever used this password for viruses.

      --
      Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
    • Show all 18 messages in this topic