Security Basics mailing list archives
Re: Re: mail server vulnerability
From: praveen_recker () sify com
Date: 20 Feb 2009 15:37:48 -0000
Hi Abhishek, You can try connecting to the SMTP server using telnet,say c:/>telnet smtp_ip 25 this should not be successful....so system admins should block TELNET to SMTP servers. If successful this gives u the banner. Based upon version and vendor search for any exploits available for free (refer milw0rm, metasploit etc) if u have commercial tools(coreimpact, saint etc) it's well and good. If u are good at Perl develop ur own script and start sending attacks by changing USER names, DOMAIN names etc to overly long strings, format specifiers etc. Best Regards, Praveen Darshanam, Security Researcher, INDIA
Current thread:
- mail server vulnerability Abhishek Kumar (Feb 09)
- Re: mail server vulnerability p3dRø (Feb 09)
- RE: mail server vulnerability Nick Vaernhoej (Feb 09)
- Re: mail server vulnerability Eitan Adler (Feb 10)
- <Possible follow-ups>
- Re: Re: mail server vulnerability viveksilla (Feb 10)
- Re: Re: mail server vulnerability ryancol (Feb 10)
- Re: mail server vulnerability Ansgar Wiechers (Feb 10)
- Re: Re: mail server vulnerability praveen_recker (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability greimer (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: mail server vulnerability Patrick J Kobly (Feb 20)
- Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Balakrishnan B (Feb 20)