Penetration Testing mailing list archives
Re: e-mail address mining tool?
From: Tomasz Nidecki <tonid () hakin9 org>
Date: Thu, 10 Nov 2005 13:09:44 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Thursday, November 10, 2005, 12:26:48 PM, James wrote:
It is also worth considering that companies will not necessarily assign employees e-mail addresses matching their usernames - there is, in fact, quite a strong argument to be made for assigning people usernames exclusively for authentication and making their e-mail address entirely different. A company might, for instance, give Joe Bloggs the username Bloggs01J, and make his e-mail address Joe.Bloggs () example org - and simply don't setup a mailbox or alias for Bloggs01J () example org (or, only accept mail to Bloggs01J internally, and only setup the Joe.Bloggs address for your external mail domain).
... and it's also worth considering that many companies use solutions such as vmailmgr or vpopmail, where there is actually one system account per domain or per mail server. - -- Tomasz Nidecki, Sekr. Redakcji / Managing Editor hakin9 magazine http://www.hakin9.org mailto:tonid () hakin9 org jid:tonid () tonid net Do you know what "hacker" means? http://www.catb.org/~esr/faqs/hacker-howto.html Czy wiesz, co znaczy slowo "haker"? http://www.jtz.org.pl/Inne/hacker-howto-pl.html -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUAQ3M4iER7PdagQ735AQHrVAQAqnY4s8TxtIRAS20LHbdaL2sQfQE/chra 90KTJIyMthrytTm6JuiRa3XqqlQ5t6iaKGwG09KjPuORWbXlHUiQiCteJPauy+L/ cUdrURR+zfjaaRG+F3u0aCb6NkPG0DXkxEE2OgPWJ8X9sopuWT2uoO9ESt7/rP7n yCFsy/qkr4k= =ccC3 -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- e-mail address mining tool? Hugo Vinicius Garcia Razera (Nov 05)
- RE: e-mail address mining tool? Eyal Udassin (Nov 06)
- Re: e-mail address mining tool? Tomasz Nidecki (Nov 07)
- Re: e-mail address mining tool? Justin (Nov 08)
- Message not available
- Re: e-mail address mining tool? Tomasz Nidecki (Nov 09)
- Re: e-mail address mining tool? Diarmaid McManus (Nov 10)
- Re: e-mail address mining tool? Tomasz Nidecki (Nov 07)
- RE: e-mail address mining tool? Eyal Udassin (Nov 06)
- Re: e-mail address mining tool? Hugo Vinicius Garcia Razera (Nov 08)
- Re: e-mail address mining tool? Tomasz Nidecki (Nov 09)
- Re: e-mail address mining tool? James Eaton-Lee (Nov 10)
- Re: e-mail address mining tool? Tomasz Nidecki (Nov 10)
- <Possible follow-ups>
- Re: e-mail address mining tool? Marco Ivaldi (Nov 13)