Penetration Testing mailing list archives
Mail Server testing
From: Amal Al Hajeri <moi2002 () emirates net ae>
Date: Sat, 10 May 2003 09:17:10 +0400
Hi List, Am running a pen-test these days against mail servers that have a server side virus scanner as well as a mail content filtering product for inforcing the organization's mail usage policy. I ran couple of tests including : 1.Sending viruses and worms. 2.Sending anti virus testing files from the eicar project http://www.eicar.org/. 3.Sending renamed virus files to files with an allowed type of files extensions. 4.Sending an archived zip files *a zip file that has been zipped for over 4000 times* some anti viruses hang while trying to unzip this file. 5.Sending a genuine exe file renamed to an allowed type of files extension. 6.Sending mails with wordings like *Middlesex* A University in UK. 7.Mail bombing test. I would like to know if you have any other ideas to test server side virus scanners and content filtering products. Also i would like to know what is the best way to prevent mail spamming and bombing. Thanks. -- Amal M Al Hajeri E/Network&Information Security Etisalat Head Office Bld(B) 12th floor Abu Dhabi UAE P.O.Box: 3838 Tel (Office): 00971(2)2584 --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
Current thread:
- Mail Server testing Amal Al Hajeri (May 11)
- <Possible follow-ups>
- Re: Mail Server testing per () same net (May 12)
- Re: Mail Server testing Nicolas Gregoire (May 13)
- Re: Mail Server testing Volker Tanger (May 14)
- Re: Mail Server testing Nicolas Gregoire (May 13)