Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sniffing packets between Outlook and Exchange

From: Jeff King <peff-pentest () fenris cc>
Date: Tue, 11 Dec 2001 19:06:27 -0500 (EST)
On Tue, 11 Dec 2001, Harrington, Chris wrote:


In an environment with Outlook 2000 acting as an Exchange client (no POP),
is it possible to sniff the email traffic between the them?? If so, are
there any resources on preventing this?


I looked into this several years ago. IIRC, Outlook->Exchange traffic is
tunneled through an SMB named pipe. It gets user authentication at the
SMB level.  It may also get encryption services there; I don't know.

You might try running a sniffer against your box as you submit or read a
message then grep the results for the partial contents of the message.
You can't prove that it's unsniffable by failing, but you can certainly
prove that it's sniffable by succeeding. :)

-Jeff


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: