Advanced Meta Tag Generator <$BlogRSDURL$>
error-diggs

formatted for Firefox

Get Firefox!
Monday, July 25, 2005
  zoneH- spoofing email: the steps
Understanding SMTP -

The Simple Mail Transport Protocol is definitely the most widely used protocol for sending electronic mail.

Email uses whats known as a store and forward system. When SMTP is used for outgoing mail it sends it though a nearby SMTP server. The server looks at the address to check if its for it's own domain, if it is it keeps the mail, otherwise it will forward the mail on until it reaches its destination.

Email wasn't designed with security in mind. In fact email was originally designed to allow for anonymous communication. Not only that communications using SMTP are sent in clear text so they are susceptible to eavesdropping.

The two elements of SMTP are the Sender-SMTP and Receiver-SMTP processes.

The Sender-SMTP element is the client application and the Receiver-SMTP element is the server application. The Sender-SMTP process initiates the communication over port 25. Once the sender and receiver are connected the Receiver-SMTP process will send a 220 code saying that the TCP connection is established and it is ready to accept data from the client.

Some SMTP commands that you will most likely find helpful:

HELO – Starts the SMTP session
EHLO - Starts the SMTP session with support for SMTP mail service extensions
MAIL – Starts the mail transfer and identifies the Sender-SMTP email address
RCPT – Identifies the recipient of the mail
DATA – Starts the mail transfer
RSET – Stops the current mail transaction
HELP – Displays help information
QUIT – Kills the session

Spoofing-

The first thing you must to is open a terminal, either a *nix term or the command prompt from with in Windows. In order to connect to the mail server you must telnet to the mail servers address at port 25 from which you wish to send the mail.

Telnet to the server:
telnet example.mailserver.com 25

You will get a response similar to the one below:
Trying ...
Connected to example.mailserver.com
Escape character is '^]'.
220 example.mailserver.com ESMTP

Now you need to declare where you are sending the email from to initiate the session:
HELO
or
HELO your_domain_name.com

You will get a response similar to the one below:
250 example.mailserver.com Hello

Now you need to enter the senders email address. This is where you actually “spoof” the address of your choice. You may enter any mail address you wish:
MAIL FROM: spoofed@address.comspoofed@address.com

You will get a response similar to the one below:
250 spoofed@address.comspoofed@address.com... Sender ok

Now you enter your targets address who you wish to receive the mail:
RCPT TO: targets@address.comtargets@address.com

You will get a response similar to the one below:
250 targets@address.comtargets@address.com... Recipient ok

Now you can enter the text you wish the email message to contain:
DATA (press enter)
enter your message now

Once you are completed with your message you can let the mail server know you wish to send it off by typing a single period and pressing enter:
. (press enter)

You will get a response similar to the one below:
250 Message queued for delivery

You may now close the connection to the server:
QUIT

And thats it! Its really that easy. So how do you protect yourself from this type of attack?

The best way to secure your electronic messaging is to use software that allows for the following: encryption, decryption, and digital signatures. I recommend the use of PGP. PGP uses asymmetric encryption and allows for you do sign your messages using your private key. This way your recipients can use your public key to decrypt your signature and verify the messages integrity. PGP can be applied to email, data files, instant messaging, and VPNs.

i, myself already in steps to secure my email. i use a FREE digital certificate offer by Thawte. this way you also can protect your email. of course, i still not convince enough that my email would totally secure. nothing is totally secure.

Personal E-mail certificates can be used to:

* Sign your e-mail communications so that people know the mail came from your e-mail address.
* Encrypt your e-mail communications to prevent unauthorized people from reading them.
* Authenticate your identity to Web servers. Most modern Web browsers allow you to use a Personal E-mail certificate to authenticate yourself to a Web server.

-to catch a thief, think like a thief-
 


zoneH (haha..), big impact (tech-news), blackhole (best info), custom (ur customizer), best (entertainment), online tips (quick tips), try ar (must try).

error-diggs feeds

error-words

Top100bloggers.com

Subscribe in NewsGator Online



Technology Blog Top Sites