mailing list archives
Re: [PEN-TEST] eMail auditing problem
From: Jan Muenther <jan () RADIO HUNDERT6 DE>
Date: Thu, 14 Sep 2000 10:52:48 +0200
I've heard from a customer, that he believes, that all of his
is read by someone using an email sniffer! My
question now is: has that to be server sided? I mean can anyone use
email sniffer or has he or she already hacked the
outgoing mail server?
If you suspect a sniffer on the network, try and use something
like sentinel to detect a NIC in promiscuous mode.
On the other hand, are you sure your customer doesn't do things
a) Leaving his computer alone being logged in
b) Give his password freely to other users (to make each one's
I know my users frequently do, and I hit them hard for doing so.
Doesn't help, though.
Radio HUNDERT,6 Medien GmbH Berlin
- EDV -
j.muenther () radio hundert6 de