Re: Pentesting Openmail Web login

From: sherwyn.williams@gmail.com
Date: Wed May 23 2007 - 22:53:28 EDT

• Next message: cluster.security@gmail.com: "Survey on Supercomputer Cluster Security"
• Previous message: Vivek P: "Creating API for SSS & Appscan"
• In reply to: Tremaine Lea: "Re: Pentesting Openmail Web login"
• Next in thread: R. DuFresne: "Re: Pentesting Openmail Web login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thank you all I will try those and see.
Sherwyn Williams
Technical Support
The Williams Solutions

-----Original Message-----
From: Tremaine Lea <pen-test@ddiction.com>
Date: Wed, 23 May 2007 19:56:46
To:s-williams@nyc.rr.com
Cc:listbounce@securityfocus.com,"pen-test@securityfocus.com" <pen-test@securityfocus.com>
Subject: Re: Pentesting Openmail Web login

I'd recommend Nessus. It has plugins specifically for this type of
thing and is definitely capable of a variety of brute force attacks.

On 23-May-07, at 7:26 PM, s-williams@nyc.rr.com wrote:

> Anyone have a good tool in mine?
> ------Original Message------
> To: listbounce@securityfocus.com
> To: pen-test@securityfocus.com
> Sent: May 23, 2007 12:01 PM
> Subject: Pentesting Openmail Web login
>
> I am task with testing user accounts on our mail system. We
> currently have two systems Exchange, and OpenMail for Linux which
> is on the DMZ. We are interested in finding out how easy it might
> be for someone to guess the password of one or our users account.
>
> And if the are sucessful what can the do on the linux box, with
> that username and password.
>
> We have a main site with a link to the webmail system from there,
> ifi want to test this which tool might be the best for doing this
> since its a link and not the main page?
>
> Thanks in advance
>
> "A wise man ask questions, a fool is afraid of knowledge"
>
> ----------------------------------------------------------------------
> --
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ----------------------------------------------------------------------
> --
>
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

• Next message: cluster.security@gmail.com: "Survey on Supercomputer Cluster Security"
• Previous message: Vivek P: "Creating API for SSS & Appscan"
• In reply to: Tremaine Lea: "Re: Pentesting Openmail Web login"
• Next in thread: R. DuFresne: "Re: Pentesting Openmail Web login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:49 EDT