Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] eMail auditing problem
From: Jan Muenther <jan () RADIO HUNDERT6 DE>
Date: Thu, 14 Sep 2000 10:52:48 +0200

Hello there,

I've heard from a customer, that he believes, that all of his
outgoing mail
is read by someone using an email sniffer! My
question now is: has that to be server sided? I mean can anyone use
this
email sniffer or has he or she already hacked the
outgoing mail server?

If you suspect a sniffer on the network, try and use something
like sentinel to detect a NIC in promiscuous mode.
On the other hand, are you sure your customer doesn't do things
like:

a) Leaving his computer alone being logged in
b) Give his password freely to other users (to make each one's
lifes easier)

I know my users frequently do, and I hit them hard for doing so.
Doesn't help, though.

Bye, Jan
--
Radio HUNDERT,6 Medien GmbH Berlin
- EDV -
j.muenther () radio hundert6 de


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault