Penetration Testing mailing list archives
RE: Identify the make and model of a Mail Server
From: "Joseph Jenkins" <maillist () breathe-underwater com>
Date: Sat, 4 Feb 2006 22:03:58 -0800
When you telnet into port 25 on most smtp servers it will tell you what it is even if it is behind a firewall. The firewall will pass the traffic directly into the server. For example if someone has put their domino server out onto the internet, when you telnet into port 25 it will tell you the version of Domino server that is running. Also while most admins will use the generic mail.xxxx.xxx in their DNS records, the smtp server will tell you what it's true name is. This can either give you a clue as to what software the server is running or it can even tell you the naming scheme the company uses. Hope it helps. -----Original Message----- From: Doug Fox [mailto:dfox168 () hotmail com] Sent: Wednesday, February 01, 2006 8:30 AM To: pen-test () securityfocus com Subject: Identify the make and model of a Mail Server One can use NetCraft (www.netcraft.com) to identify a web server if it is Appache, IIS, etc. How can one identify a mail server behind a firewall, be it Exchange, GroupWise, or Lotus Notes? nmap or nessus helps identify if a mail server is available through tcp port 25. Any info is much appreciated! Regards, DF ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Identify the make and model of a Mail Server Doug Fox (Feb 04)
- RE: Identify the make and model of a Mail Server Terry Vernon (Feb 04)
- Re: Identify the make and model of a Mail Server Bojan Zdrnja (Feb 04)
- RE: Identify the make and model of a Mail Server Joseph Jenkins (Feb 04)
- Re: Identify the make and model of a Mail Server Devdas Bhagat (Feb 04)
- RE: Identify the make and model of a Mail Server Bhaven Haria (Feb 05)
- <Possible follow-ups>
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 05)
- RE: Identify the make and model of a Mail Server Bob Radvanovsky (Feb 09)