Re: hacking through a mail server?

Discussion in 'Computer Security' started by Todd H., Jul 6, 2009.

  1. Todd H.

    Todd H. Guest

    "tg" <> writes:

    > is it possible to be hacked through one's mail server?


    Possible sure. Likely... nah, if it's a dedicated ISP mail server.
    But... what kind of mail server? One akin to shared hosting accounts
    that's also your domain's web server dns server, and box that randoms
    like yourself may have shell accounts on? In that case, then the door
    of "maybe" opens up just a little bit. But then you have to wonder
    about motiviation--why would someone who owns your hosting account
    give a rat about owning your home PC too unless you've really pissed
    them off? Again, all possible, but I'd set the bar of suspicion
    pretty high before crying wolf.

    > I use a network monitor on my pc called Net Medic and for the third time in
    > the last month I've noticed suspicious network activity on my PC. Each time
    > I saw this I've run wireshark for a few seconds and then disabled my NIC,
    > and wireshark shows the traffic is coming from tim.netweaver.net which is
    > netweaver's latest mail server.
    > I have hosting accounts with netweaver
    > and I've complained to them about this but they insist it's just
    > normal email traffic and that they have not been
    > compromised.


    Do you have any reason not to believe them?

    > Problem is I'm not running any email program when I get this traffic
    > and the nature of this network traffic is completely different to
    > when I check my email.


    Are you certain your mailer hasn't been backgrounded and periodically
    checking for new mail? Has your mailer recently been
    changed/upgraded? What OS are you using? Is the traffic originating
    from the mailer server?

    > I've been watching my email traffic for about
    > 5 years now and this is different.


    Without telling us specifics of what sort of traffic (port, protocol)
    is new different and iteresting, it's impossible to say what might be
    going on..

    > My question is: is it possible for someone to hack 'through' or
    > 'via' a mail server?


    Yes. But my money's on them having upgraded software, or the
    new/different stuff you're seeing is just something new happening on
    their end.

    I am curious however, the nature of this new/different traffic.


    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Jul 6, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Silverstrand

    Resource Hacking Part 2

    Silverstrand, Jun 21, 2005, in forum: Front Page News
    Replies:
    0
    Views:
    980
    Silverstrand
    Jun 21, 2005
  2. John

    Hacking Transcender

    John, Aug 17, 2004, in forum: Microsoft Certification
    Replies:
    1
    Views:
    1,338
    Mark Fugatt [MVP]
    Aug 17, 2004
  3. Replies:
    3
    Views:
    2,884
    Walter Roberson
    Apr 27, 2007
  4. Burkhard Ott

    Re: hacking through a mail server?

    Burkhard Ott, Jul 6, 2009, in forum: Computer Security
    Replies:
    0
    Views:
    608
    Burkhard Ott
    Jul 6, 2009
  5. Gerard Bok

    Re: hacking through a mail server?

    Gerard Bok, Jul 6, 2009, in forum: Computer Security
    Replies:
    1
    Views:
    913
    Todd H.
    Jul 6, 2009
Loading...

Share This Page