Penetration Testing: RE: Identify the make and model of a Mail Server

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

RE: Identify the make and model of a Mail Server

From: "Joseph Jenkins" <maillist () breathe-underwater com>
Date: Sat, 4 Feb 2006 22:03:58 -0800

When you telnet into port 25 on most smtp servers it will tell you what it
is even if it is behind a firewall.  The firewall will pass the traffic
directly into the server.  For example if someone has put their domino
server out onto the internet, when you telnet into port 25 it will tell you
the version of Domino server that is running.  Also while most admins will
use the generic mail.xxxx.xxx in their DNS records, the smtp server will
tell you what it's true name is.  This can either give you a clue as to what
software the server is running or it can even tell you the naming scheme the
company uses.

Hope it helps.

-----Original Message-----
From: Doug Fox [mailto:dfox168 () hotmail com] 
Sent: Wednesday, February 01, 2006 8:30 AM
To: pen-test () securityfocus com
Subject: Identify the make and model of a Mail Server

One can use NetCraft (www.netcraft.com) to identify a web server if it is 
Appache, IIS, etc.

How can one identify a mail server behind a firewall, be it Exchange, 
GroupWise, or Lotus Notes?

nmap or nessus helps identify if a mail server is available through tcp port

25.

Any info is much appreciated!

Regards,

DF

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

By Date By Thread

Current thread:

Identify the make and model of a Mail Server Doug Fox (Feb 04)
- RE: Identify the make and model of a Mail Server Terry Vernon (Feb 04)
- Re: Identify the make and model of a Mail Server Bojan Zdrnja (Feb 04)
- RE: Identify the make and model of a Mail Server Joseph Jenkins (Feb 04)
- Re: Identify the make and model of a Mail Server Devdas Bhagat (Feb 04)
- RE: Identify the make and model of a Mail Server Bhaven Haria (Feb 05)
- <Possible follow-ups>
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 05)
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 09)