Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: hacking through a mail server?

Thread Tools

Re: hacking through a mail server?

Todd H.
Posts: n/a
"tg" <(E-Mail Removed)> writes:

> is it possible to be hacked through one's mail server?

Possible sure. Likely... nah, if it's a dedicated ISP mail server.
But... what kind of mail server? One akin to shared hosting accounts
that's also your domain's web server dns server, and box that randoms
like yourself may have shell accounts on? In that case, then the door
of "maybe" opens up just a little bit. But then you have to wonder
about motiviation--why would someone who owns your hosting account
give a rat about owning your home PC too unless you've really ****ed
them off? Again, all possible, but I'd set the bar of suspicion
pretty high before crying wolf.

> I use a network monitor on my pc called Net Medic and for the third time in
> the last month I've noticed suspicious network activity on my PC. Each time
> I saw this I've run wireshark for a few seconds and then disabled my NIC,
> and wireshark shows the traffic is coming from which is
> netweaver's latest mail server.
> I have hosting accounts with netweaver
> and I've complained to them about this but they insist it's just
> normal email traffic and that they have not been
> compromised.

Do you have any reason not to believe them?

> Problem is I'm not running any email program when I get this traffic
> and the nature of this network traffic is completely different to
> when I check my email.

Are you certain your mailer hasn't been backgrounded and periodically
checking for new mail? Has your mailer recently been
changed/upgraded? What OS are you using? Is the traffic originating
from the mailer server?

> I've been watching my email traffic for about
> 5 years now and this is different.

Without telling us specifics of what sort of traffic (port, protocol)
is new different and iteresting, it's impossible to say what might be
going on..

> My question is: is it possible for someone to hack 'through' or
> 'via' a mail server?

Yes. But my money's on them having upgraded software, or the
new/different stuff you're seeing is just something new happening on
their end.

I am curious however, the nature of this new/different traffic.

Todd H.
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
imap not reading mail which are already read through a mail client Tom Mac Ruby 1 05-03-2011 10:28 PM
Re: hacking through a mail server? Gerard Bok Computer Security 1 07-06-2009 05:21 PM
Re: hacking through a mail server? Burkhard Ott Computer Security 0 07-06-2009 03:29 AM
hacking,anti-hacking,registry tweaks,compter tricks e.expelliarmus Perl Misc 1 09-25-2007 11:05 AM
Sending mail through Mail::Outlook Perl Misc 2 05-25-2006 04:53 PM