RE: Identify the make and model of a Mail Server

[Bob Radvanovsky <rsradvan () unixworks net>]

As a follow-up to the previous posting about determining the mail server...

Actually, I tried it out and *purposefully* mutilated the SMTP headers in an effort to obfuscate the 'smtpscan' 
utility.  Essentially, it *guessed* on what it *thought* it might have been.  I obfuscated the SMTP header and welcome 
banner.  It listed out 1 of 3 guesses, and was actually one of those 3 listed.  So...yeah....it IS pretty good!

Requires Perl and some libraries that the Perl script utilizes.  So if yer a Winders person, use WinPerl, LINUX/UNIX, 
just plain 'ole Perl.  ;))  Fairly quick (less than 15 minutes to determine what I was running), too.  

-rad

----- Original Message -----
From: Bhaven Haria [mailto:bhaven.haria () gmail com]
To: 'Doug Fox' [mailto:dfox168 () hotmail com]
Cc: pen-test () securityfocus com
Subject: RE: Identify the make and model of a Mail Server


> Hi,
>
> 'SMTPSCAN' can be used to fingerprint the mail server.
>
> Download: http://www.greyhats.org/?smtpscan
> Info: http://www.greyhats.org/remote_smtp_detect.pdf
>
> Cheers,
> Bhaven Haria,
> Paladion Networks,
> India
>
> -----Original Message-----
> From: Doug Fox [mailto:dfox168 () hotmail com] 
> Sent: Wednesday, February 01, 2006 10:00 PM
> To: pen-test () securityfocus com
> Subject: Identify the make and model of a Mail Server
>
> One can use NetCraft (www.netcraft.com) to identify a web server if it is
> Appache, IIS, etc.
>
> How can one identify a mail server behind a firewall, be it Exchange,
> GroupWise, or Lotus Notes?
>
> nmap or nessus helps identify if a mail server is available through tcp port
> 25.
>
> Any info is much appreciated!
>
> Regards,
>
> DF
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for
> vulnerabilities to SQL injection, Cross site scripting and other web attacks
> before hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking applications on your 
> website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>
> futile against web application hacking. Check your website for
> vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before hackers
> do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------