<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Penetration Testing: Filtering email headers generated from internal network (Sensible?)

Filtering email headers generated from internal network (Sensible?)

From: Bipin Gautam <visitbipin_at_hotmail.com>
Date: 9 May 2005 15:36:06 -0000

('binary' encoding is not supported, stored as-is) Is it sensible to filter extra email headers in the gateway generated from your internal network before it leaves your server, so that Information like... User-Agent:, X-Virus-Scanned:, and those EXTRA hopps of Received from: (headers........) won't leak out, which could be a valuable information for a potential intruder. Moreover the trouble multiplies if a software exploit is realesed before patch. It is kinda Security by obscurity. But if it buys you some extra time to act isn't is sensible to impliment or just too paranoid?

drop your views,
Bipin Gautam
http://bipin.sosvulnerable.net/
Received on May 09 2005

This message: [ Message body ]
Next message: Kyle Maxwell: "Re: Fingerprinting Firewall"
Previous message: Demetrio Carrión: "Re: Fingerprinting Firewall"
Next in thread: anyluser: "RE: Filtering email headers generated from internal network (Sensible?)"
Maybe reply: anyluser: "RE: Filtering email headers generated from internal network (Sensible?)"
Reply: Eyal Udassin: "RE: Filtering email headers generated from internal network (Sensible?)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos