RE: Identify the make and model of a Mail Server

From: Bob Radvanovsky (rsradvan@unixworks.net)
Date: Thu Feb 09 2006 - 11:22:43 EST


As a follow-up to the previous posting about determining the mail server...

Actually, I tried it out and *purposefully* mutilated the SMTP headers in an effort to obfuscate the 'smtpscan' utility. Essentially, it *guessed* on what it *thought* it might have been. I obfuscated the SMTP header and welcome banner. It listed out 1 of 3 guesses, and was actually one of those 3 listed. So...yeah....it IS pretty good!

Requires Perl and some libraries that the Perl script utilizes. So if yer a Winders person, use WinPerl, LINUX/UNIX, just plain 'ole Perl. ;)) Fairly quick (less than 15 minutes to determine what I was running), too.

-rad

----- Original Message -----
From: Bhaven Haria [mailto:bhaven.haria@gmail.com]
To: 'Doug Fox' [mailto:dfox168@hotmail.com]
Cc: pen-test@securityfocus.com
Subject: RE: Identify the make and model of a Mail Server

>
> Hi,
>
> 'SMTPSCAN' can be used to fingerprint the mail server.
>
> Download: http://www.greyhats.org/?smtpscan
> Info: http://www.greyhats.org/remote_smtp_detect.pdf
>
> Cheers,
> Bhaven Haria,
> Paladion Networks,
> India
>
> -----Original Message-----
> From: Doug Fox [mailto:dfox168@hotmail.com]
> Sent: Wednesday, February 01, 2006 10:00 PM
> To: pen-test@securityfocus.com
> Subject: Identify the make and model of a Mail Server
>
> One can use NetCraft (www.netcraft.com) to identify a web server if it is
> Appache, IIS, etc.
>
> How can one identify a mail server behind a firewall, be it Exchange,
> GroupWise, or Lotus Notes?
>
> nmap or nessus helps identify if a mail server is available through tcp port
> 25.
>
> Any info is much appreciated!
>
> Regards,
>
> DF
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for
> vulnerabilities to SQL injection, Cross site scripting and other web attacks
> before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:29 EDT