RE: Identify the make and model of a Mail Server



As a follow-up to the previous posting about determining the mail server...

Actually, I tried it out and *purposefully* mutilated the SMTP headers in an effort to obfuscate the 'smtpscan' utility. Essentially, it *guessed* on what it *thought* it might have been. I obfuscated the SMTP header and welcome banner. It listed out 1 of 3 guesses, and was actually one of those 3 listed. So...yeah....it IS pretty good!

Requires Perl and some libraries that the Perl script utilizes. So if yer a Winders person, use WinPerl, LINUX/UNIX, just plain 'ole Perl. ;)) Fairly quick (less than 15 minutes to determine what I was running), too.

-rad

----- Original Message -----
From: Bhaven Haria [mailto:bhaven.haria@xxxxxxxxx]
To: 'Doug Fox' [mailto:dfox168@xxxxxxxxxxx]
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: Identify the make and model of a Mail Server



Hi,

'SMTPSCAN' can be used to fingerprint the mail server.

Download: http://www.greyhats.org/?smtpscan
Info: http://www.greyhats.org/remote_smtp_detect.pdf

Cheers,
Bhaven Haria,
Paladion Networks,
India

-----Original Message-----
From: Doug Fox [mailto:dfox168@xxxxxxxxxxx]
Sent: Wednesday, February 01, 2006 10:00 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Identify the make and model of a Mail Server

One can use NetCraft (www.netcraft.com) to identify a web server if it is
Appache, IIS, etc.

How can one identify a mail server behind a firewall, be it Exchange,
GroupWise, or Lotus Notes?

nmap or nessus helps identify if a mail server is available through tcp port
25.

Any info is much appreciated!

Regards,

DF

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



Relevant Pages

  • RE: 3rd party vuln assesment firms
    ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • RE: 3rd party vuln assesment firms
    ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • RE: Penetration test of 1 IP address
    ... Before I do anything very intrusive I personally go to the website ... Also remember once you have found a vulnerability, ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • Re: Whitespace in passwords
    ... input password is alphanumeric + special characters -- chances are strong ... >> Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)