Penetration Testing mailing list archives
Re: Sniffing packets between Outlook and Exchange
From: Jeff King <peff-pentest () fenris cc>
Date: Tue, 11 Dec 2001 19:06:27 -0500 (EST)
On Tue, 11 Dec 2001, Harrington, Chris wrote:
In an environment with Outlook 2000 acting as an Exchange client (no POP), is it possible to sniff the email traffic between the them?? If so, are there any resources on preventing this?
I looked into this several years ago. IIRC, Outlook->Exchange traffic is tunneled through an SMB named pipe. It gets user authentication at the SMB level. It may also get encryption services there; I don't know. You might try running a sniffer against your box as you submit or read a message then grep the results for the partial contents of the message. You can't prove that it's unsniffable by failing, but you can certainly prove that it's sniffable by succeeding. :) -Jeff ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Sniffing packets between Outlook and Exchange Harrington, Chris (Dec 11)
- Re: Sniffing packets between Outlook and Exchange Jeff King (Dec 12)
- Re: Sniffing packets between Outlook and Exchange kam (Dec 12)