Advertisement
Online Test Banks
Score higher
See Online Test Banks
eLearning
Learning anything is easy
Browse Online Courses
Mobile Apps
Learning on the go
Explore Mobile Apps
Dummies Store
Shop for books and more
Start Shopping

Banner Grabs Can Give a Hacker Information to Attack E-mail

When hacking an e-mail server, a hacker’s first order of business is performing a basic banner grab to see whether he can discover what e-mail server software is running. This is one of the most critical tests to find out what the world knows about your SMTP, POP3, and IMAP servers.

Gather information

You can see the banner displayed on an e-mail server when a basic telnet connection is made on port 25 (SMTP). To do this, at a command prompt, simply enter telnet ip_or_hostname_of_your_server 25. This opens a telnet session on TCP port 25.

image0.jpg

The e-mail software type and server version are often very obvious and give hackers some ideas about possible attacks, especially if they search a vulnerability database for known vulnerabilities of that software version.

image1.jpg

You can gather information on POP3 and IMAP e-mail services by telnetting to port 110 (POP3) or port 143 (IMAP).

If you change your default SMTP banner, don’t think that no one can figure out the version. General vulnerability scanners can often detect the version of your e-mail server. One Linux-based tool called smtpscan determines e-mail server version information based on how the server responds to malformed SMTP requests. The smtpscan tool detected the product and version number of the e-mail server.

image2.jpg

Countermeasures against banner attacks

There isn’t a 100 percent secure way of disguising banner information. Take a look at these banner security tips for your SMTP, POP3, and IMAP servers:

  • Change your default banners to cover up the information.

  • Make sure that you’re always running the latest software patches.

  • Harden your server as much as possible by using well-known best practices from such resources as the Center for Internet Security and NIST.

blog comments powered by Disqus
Advertisement
Advertisement

Inside Dummies.com

Dummies.com Sweepstakes

Win an iPad Mini. Enter to win now!