Penetration Testing mailing list archives
Re: [PEN-TEST] eMail auditing problem
From: Jan Muenther <jan () RADIO HUNDERT6 DE>
Date: Thu, 14 Sep 2000 10:52:48 +0200
Hello there,
I've heard from a customer, that he believes, that all of his outgoing mail is read by someone using an email sniffer! My question now is: has that to be server sided? I mean can anyone use this email sniffer or has he or she already hacked the outgoing mail server?
If you suspect a sniffer on the network, try and use something like sentinel to detect a NIC in promiscuous mode. On the other hand, are you sure your customer doesn't do things like: a) Leaving his computer alone being logged in b) Give his password freely to other users (to make each one's lifes easier) I know my users frequently do, and I hit them hard for doing so. Doesn't help, though. Bye, Jan -- Radio HUNDERT,6 Medien GmbH Berlin - EDV - j.muenther () radio hundert6 de
Current thread:
- [PEN-TEST] eMail auditing problem Groh, Jens (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Nicolas Gregoire (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Mathew Bevan (Sep 13)
- Re: [PEN-TEST] eMail auditing problem DA Smith (Sep 14)
- Re: [PEN-TEST] eMail auditing problem Mathew Bevan (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Jose Nazario (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Karyn Pichnarczyk (Sep 13)
- <Possible follow-ups>
- Re: [PEN-TEST] eMail auditing problem Justin Schaefer (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Erik Tayler (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Jan Muenther (Sep 14)
- Re: [PEN-TEST] eMail auditing problem pete (Sep 14)
- Re: [PEN-TEST] eMail auditing problem Erik Tayler (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Brentlinger, Mike (ISS eServices) (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Dunker, Noah (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Oxenreider, Jeff (Sep 13)
- Re: [PEN-TEST] eMail auditing problem Talisker (Sep 14)
- Re: [PEN-TEST] eMail auditing problem Nicolas Gregoire (Sep 13)