RE: Identify the make and model of a Mail Server

From: Joseph Jenkins (maillist@breathe-underwater.com)
Date: Sun Feb 05 2006 - 01:03:58 EST

• Next message: Devdas Bhagat: "Re: Identify the make and model of a Mail Server"
• Previous message: Kyle Quest: "RE: Active Directory user enumeration"
• In reply to: Doug Fox: "Identify the make and model of a Mail Server"
• Next in thread: Devdas Bhagat: "Re: Identify the make and model of a Mail Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

When you telnet into port 25 on most smtp servers it will tell you what it
is even if it is behind a firewall. The firewall will pass the traffic
directly into the server. For example if someone has put their domino
server out onto the internet, when you telnet into port 25 it will tell you
the version of Domino server that is running. Also while most admins will
use the generic mail.xxxx.xxx in their DNS records, the smtp server will
tell you what it's true name is. This can either give you a clue as to what
software the server is running or it can even tell you the naming scheme the
company uses.

Hope it helps.

-----Original Message-----
From: Doug Fox [mailto:dfox168@hotmail.com]
Sent: Wednesday, February 01, 2006 8:30 AM
To: pen-test@securityfocus.com
Subject: Identify the make and model of a Mail Server

One can use NetCraft (www.netcraft.com) to identify a web server if it is
Appache, IIS, etc.

How can one identify a mail server behind a firewall, be it Exchange,
GroupWise, or Lotus Notes?

nmap or nessus helps identify if a mail server is available through tcp port

25.

Any info is much appreciated!

Regards,

DF

----------------------------------------------------------------------------

--
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Devdas Bhagat: "Re: Identify the make and model of a Mail Server"
• Previous message: Kyle Quest: "RE: Active Directory user enumeration"
• In reply to: Doug Fox: "Identify the make and model of a Mail Server"
• Next in thread: Devdas Bhagat: "Re: Identify the make and model of a Mail Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:26 EDT