mailing list archives
Re: [PEN-TEST] eMail auditing problem
From: "Brentlinger, Mike (ISS eServices)" <mbrentli () ISS NET>
Date: Wed, 13 Sep 2000 15:05:52 -0400
There are lots of tools that would grab smtp mail traffic off the network.
As long as someone has access to the network and could see the mail traffic
going by a NIC they had access to they could get the mail, theres no reason
why they have to compromise the mail server.
Check out some of these links for more info
drivers/tools for windows boxes
dsniff-tool to get passwords theres also mention of "mailsnarf" which would
do just what you are talking about
winsniff- a tool that would also do what youre talking about.
Hope that was helpful
From: Groh, Jens
To: PEN-TEST () SECURITYFOCUS COM
Sent: 9/13/00 8:16 AM
Subject: eMail auditing problem
as I'm new to the security scene I have to ask you a questions:
I've heard from a customer, that he believes, that all of his outgoing
mail is read by someone using an email sniffer! My
question now is: has that to be server sided? I mean can anyone use this
email sniffer or has he or she already hacked the
outgoing mail server?
How is this to be done?
How would you do that?
Thanx in advance,
Hostmaster / Security