Dailydave mailing list archives

Re: Sending remote procedure calls through e-mail (RPC-Mail)


From: John Bryson <john.bryson () oit gatech edu>
Date: Wed, 20 Oct 2004 09:17:15 -0400

On Wed, 2004-10-20 at 04:38, Peter Busser wrote:
Hi!

While I find portknocking ingenious, it is somewhat cumbersome and
overly complex for most users. I propose an alternative - send remote
procedure calls via e-mail. I've coded an application that fits the
bill: RPC-Mail.

First of all the term RPC is wrong in this context. A command is not the same 
as a procedure.

Second, this ``RPC-Mail'' looks a lot like a subset of the UUCP functionality. 
UUCP is based on store and forward and remote execution of commands. Most 
people on this list have probably never seen or used UUCP, but before 
Internet connections got affordable, it was used by many sites to be able to 
send and receive e-mail and USENET news.

The premise of RPC-Mail is simple:
(1) Construct an e-mail message that has a command that you want one of
your remote PCs to execute.
(2) Send the e-mail to a special account that is only used by RPC-Mail.
(3) Have the remote PC set up with a scheduled task or cron job to
periodically execute the application RPC-Mail.py.
(4) When RPC-Mail.py executes, it parses all of the subject lines and
message bodies of e-mail messages that it finds. If the message body
contains a special passphrase, RPC-Mail executes the subject line as a
command, and returns standard output as an e-mail message.

For more information check out my full write up on:
http://www.sharp-ideas.net/

It would be better to sign and/or encrypt the message with GnuPG. E-mail can 
be intercepted if it is not delivered directly to the target machine. And if 
it is, it can be sniffed.

Port knocking is a clumsy way to implement remote authentication. Most 
implementations are prone to replay attacks and therefore offer nothing more 
than security through obscurity.

Groetjes,
Peter.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Yes, but wouldn't port knocking stop a lot of automated attacks? After
all canned scripts and some worms directly attack a known port, which
wouldn't be available without first doing the correct port knock for the
organization. It might be security thru obscurity, but it would still be
somewhat effective against this type of attack, right?

-- 
John Bryson
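
Added example, not part of the thread and not RPC-Mail's own code: it contrasts the static body passphrase from the quoted scheme with a per-message authenticator that binds the command to a timestamp and a one-time nonce, so a captured mail cannot be replayed or altered. HMAC-SHA256 stands in here for the GnuPG signature suggested above; the key, header names and freshness window are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from email.message import EmailMessage

KEY = b"constructed-demo-key"      # assumption: secret shared out of band
PASSPHRASE = "constructed-phrase"  # static secret, as in the quoted scheme
MAX_AGE = 300                      # assumption: seconds a request stays fresh

def passphrase_ok(body):
    """Static check from the quoted scheme: true for every captured copy."""
    return PASSPHRASE in body

def mac_for(command, ts, nonce):
    data = "\n".join((ts, nonce, command)).encode()
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()

def sign_request(command, now=None, nonce=None):
    """Build a mail whose Subject is the command, bound to timestamp and nonce."""
    ts = str(int(time.time() if now is None else now))
    nonce = nonce or secrets.token_hex(16)
    msg = EmailMessage()
    msg["Subject"] = command
    msg["X-Cmd-Timestamp"] = ts  # hypothetical header names
    msg["X-Cmd-Nonce"] = nonce
    msg.set_content(mac_for(command, ts, nonce))
    return msg

class Receiver:
    def __init__(self):
        self.seen = set()  # nonces already accepted

    def verify(self, msg, now=None):
        now = time.time() if now is None else now
        cmd, ts, nonce = msg["Subject"], msg["X-Cmd-Timestamp"], msg["X-Cmd-Nonce"]
        if not cmd or not ts or not nonce or not ts.isdigit():
            return "malformed"
        want = mac_for(cmd, ts, nonce).encode()
        if not hmac.compare_digest(want, msg.get_content().strip().encode()):
            return "bad-mac"   # command or metadata changed in transit
        if abs(now - int(ts)) > MAX_AGE:
            return "stale"     # old capture presented after the window
        if nonce in self.seen:
            return "replay"    # same mail presented a second time
        self.seen.add(nonce)
        return "ok"
```

The nonce set only needs to retain entries for `MAX_AGE` seconds, since anything older is already rejected as stale.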
 
