Security Incidents mailing list archives
Re: blind forwards
From: ltaylor () TECHNOLOGYEVALUATION COM (Laura Taylor)
Date: Thu, 29 Jun 2000 14:22:11 -0400
It would be difficult to accurately find this out without access to all the network devices along route, but if you use a product like Lexiguard (www.lexias.com) for sending email, without the right key, all they will get is an encrypted and unreadable piece of plaintext. I have not done any brute force testing to see how easy it is to break the Lexiguard keys, but the product is slick, easier to use than PGP, and worth taking a look at. I think you are trying to solve the wrong problem. Assume that your email can be intercepted. Now look for the solution. Encrypt your email. You don't need an expensive VPN, Lexiguard can be installed in 15 minutes per desktop. Lexiguard Review http://www.technologyevaluation.com/Research/ResearchHighlights/Security/200 0/01/news_analysis/NA_ST_LPT_01_31_00_1.asp Laura ----------------------------------------------------------- Laura Taylor Director, Security Research Technology Evaluation Center (TEC) TEC Security Index http://www.technologyevaluation.com/Research/ResearchHighlights/Security/ind ex.asp Phone: 781-376-2813 Fax: 781-756-0245 -----Original Message----- From: Keith McCammon [mailto:kmccammon () TIDALWAVE NET] Sent: Wednesday, June 28, 2000 4:14 PM To: INCIDENTS () SECURITYFOCUS COM Subject: blind forwards Hey all, This may or may not be the right list for this. It doesn't seem to fit nicely anywhere. However, we're investigating this at work, and I know someone out there knows the answer. (An incident I suppose) I'm curious to find out how one could go about analyzing an e-mail to find out if it is being intercepted upstream before it reaches the intended recipient. For example, with some e-mail servers, a file can be placed in the user's mailbox on the server that will "blind" forward any incoming mail to a given address. SMTP Server --> Recipient's Mail Server--> USER-X (blind) and INTENDED-USER (as usual) I'd imagine that this is highly illegal at the upstream level under most circumstances; and I know there's a way to find out if this type of snooping is taking place. Anyone? Anyone? Keith
Current thread:
- Re: blind forwards Laura Taylor (Jun 29)