Penetration Testing mailing list archives
Re: Identify the make and model of a Mail Server
From: Bojan Zdrnja <bojan.zdrnja () gmail com>
Date: Sun, 5 Feb 2006 10:55:49 +1300
On 2/2/06, Doug Fox <dfox168 () hotmail com> wrote:
One can use NetCraft (www.netcraft.com) to identify a web server if it is Appache, IIS, etc. How can one identify a mail server behind a firewall, be it Exchange, GroupWise, or Lotus Notes? nmap or nessus helps identify if a mail server is available through tcp port 25.
Well, be it behind the firewall or not, port 25 *has* to be open if you want to receive e-mail from other machines on the Internet. Whenever you want to identify some application, you will have to rely on banners that you see after you establish communication. Most of the servers will nicely identify them self in the first banner line. This can be changed and some administrators will remove all identifying messages from the banner. I've seen servers modified like this, but there are other small clues you can use to identify them: - make some SMTP errors so you see how the remote server handles it (how it informs you of an error). You can probably make a nice table with various SMTP servers and their error handling - try opening connection with EHLO and try using the HELP command, this one often gives more detail about the remote server. Cheers, Bojan ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Identify the make and model of a Mail Server Doug Fox (Feb 04)
- RE: Identify the make and model of a Mail Server Terry Vernon (Feb 04)
- Re: Identify the make and model of a Mail Server Bojan Zdrnja (Feb 04)
- RE: Identify the make and model of a Mail Server Joseph Jenkins (Feb 04)
- Re: Identify the make and model of a Mail Server Devdas Bhagat (Feb 04)
- RE: Identify the make and model of a Mail Server Bhaven Haria (Feb 05)
- <Possible follow-ups>
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 05)
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 09)