Re: auditing VSE/DOS

[v b <r0cketgrl () yahoo com>]

Christian --

Mr. Google is your friend. Plug VSE Audit programs
into Google and you will receive multiple hits.  I
found the following most specific to DOS/VSE to get
you started:

http://tinyurl.com/dea9r

Also try the other links at www.auditnet.org

I am sure I have some VSE/MVS specific tools in my
archives.  Contact me off-line if you would like.

Regards,

Valerie


--- Christian Kopacsi <ckopacsi () cmhcm org> wrote:

> Anyone have a checklist, best practice guide or any
> tools for auditing VSE/DOS?
>
>
>   
> Christian Kopacsi 
>
>
>
>
>
>
> -----Original Message-----
> From: Hugo Vinicius Garcia Razera
> [mailto:hviniciusg () gmail com]
> Sent: Tuesday, November 08, 2005 12:27 PM
> To: Tomasz Nidecki
> Cc: pen-test () securityfocus com
> Subject: Re: e-mail address mining tool?
>
>
> I agree whit every thing u said Tomas, but from the
> point off view off
> a penetration testing it would be a very nice way to
> get what users
> are valid on that domain. assuming that the only
> service available is
> external mail for the users, witch is the case I'm
> working right know.
>
> Now comes the question, if i develop such tool, and
> the spamers get
> the hands on it i will kill my self :), i don't want
> no more sper.....
> pills mails or...  well i think u know what i mean.
>
> An interesting way off gathering the emails(users)
> could be if u get a
> "mailer daemon reply"
> of an invalid user, so if u don't get anything,
> there is the
> probability that the account is valid.
>
> any comments any one.
>
> Greetings
>
> Hugo Vinicius Garcia Razera
>
>
> On 11/7/05, Tomasz Nidecki <tonid () hakin9 org> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: MD5
> >
> > Sunday, November 6, 2005, 6:36:48 PM, Eyal wrote:
> >
> > > I'm not aware of any tool which can test emails
> against an address file.
> > > The most efficient approach to achieve this
> functionality is to write a
> > > simple script which sends the SMTP VRFY command
> for each entry in an address
> > > file.
> >
> > > Note that some mail servers do not support this
> command in order to thwart
> > > spammers.
> >
> > Hi, everyone.
> >
> > Well, to be exact, almost no servers support this
> command nowadays.
> > qmail definitely doesn't. AFAIK, Postfix doesn't
> either, at least it
> > didn't the last time I checked. Neither did Exim.
> Only Sendmail, in
> > its standard config, responds to the VRFY command.
> I don't know about
> > commercial, Windows mailservers, but I found the
> VRFY command
> > supported in very few cases. Therefore I would not
> base anything on
> > its output.
> >
> > Also, testing the existence of the user is rarely
> done on the level of
> > mail envelope. Therefore, you cannot expect the
> mailserver to either
> > reply right after sending the RCPT TO command that
> the user doesn't
> > exist or reply in such away after DATA is sent.
> The only thing you can
> > expect, is that if the user address is invalid,
> you will receive a
> > mailer daemon reply to the MAIL FROM address.
> >
> > But... This is also not certain. Some mailservers
> use a default
> > account for a given domain, eg. qmail, which I
> specialise in. If such
> > a setup is made, all mail to inexistant users in a
> given domain is
> > directed to a chosen existant account. Therefore
> you will not receive
> > any answer from the mailserver, if a bad e-mail
> address is given in
> > RCPT TO, since mail will be delivered to an
> existing user.
> > Therefore, there is no tool and there will be no
> such tool. Which is
> > good, because if there was, spammers would have a
> much easier life
> > making databases of existing users, so they can
> sell them later on.
> > Cheers,
> >
> > - --
> > Tomasz Nidecki, Sekr. Redakcji / Managing Editor
> > hakin9 magazine            http://www.hakin9.org
> > mailto:tonid () hakin9 org      jid:tonid () tonid net
> >
> > Do you know what "hacker" means?
> > http://www.catb.org/~esr/faqs/hacker-howto.html
> >
> > Czy wiesz, co znaczy slowo "haker"?
> > http://www.jtz.org.pl/Inne/hacker-howto-pl.html
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: 2.6
iQCVAwUAQ28M6ER7PdagQ735AQE90gP9EXVRDGUNNQdWgSCHDeYItm7AuZzj0JYF
> >
ExOhwTC/863ATjCC18b3lGD+qCKvC3ud4q213HqFOUkEGEraWboxVziQluwbnWqz
> >
zjdlxfdj0JHPEP5aqTwS2JE34CvCXqMoN+tVVALD/RvcqqCYQr8jzNn+Q9uzePc2
> > x2FsceCmFSs=
> > =m5Ng
> > -----END PGP SIGNATURE-----
------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web
> Vulnerability Scanner:
> > Hackers are concentrating their efforts on
> attacking applications on your
> > website. Up to 75% of cyber attacks are launched
> on shopping carts, forms,
> > login pages, dynamic content etc. Firewalls, SSL
> and locked-down servers are
> > futile against web application hacking. Check your
> website for vulnerabilities
> > to SQL injection, Cross site scripting and other
> web attacks before hackers do!
> > Download Trial at:
> http://www.securityfocus.com/sponsor/pen-test_050831
> >
-------------------------------------------------------------------------------
> >
------------------------------------------------------------------------------
> Audit your website security with Acunetix Web
> Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking
> applications on your 
> website. Up to 75% of cyber attacks are launched on
> shopping carts, forms, 
> login pages, dynamic content etc. Firewalls, SSL and
> locked-down servers are 
> futile against web application hacking. Check your
> website for vulnerabilities 
> to SQL injection, Cross site scripting and other web
> attacks before hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
>
------------------------------------------------------------------------------
> Audit your website security with Acunetix Web
> Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your
> website. Up to 75% of cyber attacks are launched on
> shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and
> locked-down servers are
> futile against web application hacking. Check your
> website for vulnerabilities
> to SQL injection, Cross site scripting and other web
> attacks 
=== message truncated ===




                
__________________________________ 
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------