ISQS 6342 Email server attacks Presented by Deven Patel.

Presentation transcript:

ISQS 6342 Email server attacks Presented by Deven Patel

Common types of abuse: Eavesdropping; Mail-bombing; Impersonating someone else; Propagating viruses; Sending hoaxes or chain letters; Hijacking server

agents: Message Transfer Agent (MTA); Message Delivery Agent (MDA)

MTAs: Simple Mail Transfer Protocol (SMTP); Unix to Unix Copy Program (UUCP)

SMTP: Sendmail; Postfix; Qmail; Exim

Architecture: SMTP Gateways and DMZ Networks
[Diagram labels: Internet, Router, Firewall, Switch, DMZ net, SMTP Gateway, Public FTP, Public Web Server, Internal net, End user workstations, SMTP and other internal servers]

SMTP attacks: Buffer overflow attacks; Relaying Unsolicited Commercial Email; Leaking user and system information to prospective intruders (see ftp://ftp.isi.edu/in-notes/rfc2821.txt): VRFY & EXPN

Unsolicited Commercial Email: Network availability; Server performance and bandwidth optimization.

Remedies: Blacklist; SpamAssassin

Some SMTP troubleshooting commands: HELO; MAIL FROM; RCPT TO; DATA; Subject; QUIT

Sendmail Pros: Huge user community; as a result it's easy to find both free and commercial support for it, not to mention a wealth of electronic and print publications.

Sendmail Cons: Layers of old code, resulting in a reputation of being insecure and bloated. Monolithic, i.e. a vulnerability in one portion of its functionality results in the compromise of the entire application. Complex application.

Two modes of operation: Invoked on the fly; Persistent background daemon

Configuring Sendmail
1. Enable needed features and tweak settings in sendmail.mc
2. Set up domain name masquerading, if needed, in sendmail.mc
3. Run m4 to generate sendmail.cf from sendmail.mc
4. Configure delivery rules by editing the mailertable.
5. Configure relaying rules by editing access.
6. Configure multiple-domain handling rules by editing virtusers.
7. Define local user-aliases in aliases.
8. Convert mailertable, access, virtusers, and aliases to databases.
9. Define all valid hostnames of the local system in the file local-host-names.
10. (Re-)start sendmail.

Excerpt from an /etc/mail/sendmail.mc file

Excerpt from an /etc/mail/sendmail.mc file (contd)

Feature directives

FEATURE(`access_db', `hash|dbm|btree [-o] /path/access.db')dnl
This is a modularizing feature which creates an access database, providing a convenient way to maintain a list of both allowed and explicitly denied relaying hosts and domains.

FEATURE(`dnsbl', `blackhole.list.provider')dnl
Use a special DNS look-up to check all senders' hostnames against a "black hole list" of known sources of UCE. If omitted, the name of the blackhole.list.provider defaults to blackholes.mail-abuse.org. This is a subscription-based service: mail-abuse.org charges a yearly fee for nonpersonal use.

FEATURE(`blacklist_recipients')dnl
Check recipient addresses of incoming mail against the access database to block mail to selected usernames.

FEATURE(`use_cw_file')dnl
This feature causes sendmail to use the file /etc/mail/local-host-names to determine valid local names, i.e. names that, if used to the right of the @ in an address, will cause that mail to be delivered locally. This is part of Sendmail's anti-SPAM-relaying functionality.
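An added example, not part of the presentation: a small Python audit that reads a sendmail.mc and reports which of the four FEATURE directives above are not actually enabled, including ones disabled with a leading dnl. The function names, the sample file and the confPRIVACY_FLAGS check for VRFY/EXPN are assumptions introduced here, not content from the slides.

```python
import re

# The four FEATURE directives covered in the slides above.
EXPECTED_FEATURES = {
    "access_db": "allow/deny list for relaying hosts and domains",
    "dnsbl": "DNS black hole list lookup for known UCE sources",
    "blacklist_recipients": "block mail to selected recipients",
    "use_cw_file": "local names come from /etc/mail/local-host-names",
}

# m4 quotes strings as `text': backtick opens, apostrophe closes.
DIRECTIVE = re.compile(
    r"^\s*(FEATURE|define)\(\s*`([^']*)'(?:\s*,\s*`([^']*)')?")

def parse_mc(text):
    """Return (features, defines) for the directives m4 will expand."""
    features, defines = {}, {}
    for line in text.splitlines():
        # m4 discards everything after a leading dnl, so a directive
        # "commented out" this way is not in the generated sendmail.cf.
        if line.lstrip().startswith("dnl"):
            continue
        m = DIRECTIVE.match(line)
        if m:
            kind, name, arg = m.groups()
            (features if kind == "FEATURE" else defines)[name] = arg or ""
    return features, defines

def audit(text):
    """List the hardening settings that the .mc text does not enable."""
    features, defines = parse_mc(text)
    findings = [f"FEATURE {name} not enabled: {why}"
                for name, why in EXPECTED_FEATURES.items()
                if name not in features]
    # Assumption (not on the slides): VRFY/EXPN are switched off with the
    # novrfy/noexpn values of confPRIVACY_FLAGS; goaway implies both.
    flags = {f.strip() for f in defines.get("confPRIVACY_FLAGS", "").split(",")}
    if "goaway" not in flags:
        findings += [f"{flag} not set in confPRIVACY_FLAGS"
                     for flag in ("novrfy", "noexpn") if flag not in flags]
    return findings

# Constructed sample, not taken from the presentation.
SAMPLE_MC = """\
define(`confPRIVACY_FLAGS', `authwarnings,novrfy')dnl
FEATURE(`access_db', `hash -o /etc/mail/access.db')dnl
dnl FEATURE(`dnsbl')dnl
FEATURE(`use_cw_file')dnl
"""
```

Calling audit(SAMPLE_MC) reports the dnl-disabled dnsbl feature, the absent blacklist_recipients feature and the missing noexpn flag.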

Sendmail and SMTP AUTH
SMTP AUTH is a badly needed extension to the SMTP protocol: it describes a flexible authentication mechanism that can be used to authenticate relaying. SMTP AUTH allows a password shared by two hosts (or stored by one host for its local users) to be used to validate senders. ftp://ftp.isi.edu/in-notes/rfc2554.txt

Sendmail and STARTTLS
Beginning with version 8.11, sendmail supports the Extended SMTP command STARTTLS. When this command is issued at the beginning of an ESMTP session, it initiates an encrypted TLS tunnel that protects the rest of the session from eavesdropping. ftp://ftp.isi.edu/in-notes/rfc2487.txt

Sendmail and STARTTLS
TLS and SSL use X.509 digital certificates, a type of public-key cryptography in which one's public key is formatted to include a certain amount of identification information (besides just your key ID and the public key itself), including the digital signature of a "Certificate Authority" (CA) that vouches for the authenticity of the certificate.
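An added example, not part of the presentation, tying the SMTP AUTH and STARTTLS slides together: a Python check of a server's EHLO reply that flags password-based AUTH offered before the TLS tunnel exists, a missing STARTTLS, and advertised VRFY/EXPN. The function names and both sample replies (for the placeholder host mail.example.com) are constructed for illustration.

```python
# Mechanisms that send the password itself, only base64-encoded.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_ehlo(reply):
    """Map each ESMTP keyword of a multi-line 250 reply to its parameters."""
    caps = {}
    for line in reply.strip().splitlines()[1:]:   # line 1 is the greeting
        code, sep, rest = line[:3], line[3:4], line[4:].strip()
        if code != "250" or sep not in ("-", " ") or not rest:
            continue
        keyword, *params = rest.split()
        caps[keyword.upper()] = [p.upper() for p in params]
    return caps

def audit_ehlo(reply, tls_active=False):
    """Return findings for one EHLO reply; tls_active marks a post-STARTTLS reply."""
    caps = parse_ehlo(reply)
    findings = []
    if not tls_active:
        if "STARTTLS" not in caps:
            findings.append("STARTTLS not offered: session stays in cleartext")
        weak = sorted(PLAINTEXT_MECHS & set(caps.get("AUTH", [])))
        if weak:
            findings.append("AUTH " + "/".join(weak) +
                            " offered before TLS: password readable by an eavesdropper")
    for verb in ("VRFY", "EXPN"):
        if verb in caps:
            findings.append(verb + " advertised: user information can leak")
    return findings

# Constructed sample replies, not captured from a real server.
BEFORE_TLS = """\
250-mail.example.com Hello client.example.com
250-EXPN
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP"""

AFTER_TLS = """\
250-mail.example.com Hello client.example.com
250-AUTH LOGIN PLAIN
250 HELP"""
```

The same AUTH line is a finding in BEFORE_TLS and acceptable in AFTER_TLS, because only the second reply was sent inside the encrypted session.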

Postfix
Postfix is simpler in design, more modular, and easier to configure and administer. Postfix is designed with scalability, reliability, and security as fundamental requirements. Postfix consists of a suite of daemons and helper applications, whereas sendmail is essentially monolithic.

Postfix
Postfix separates functions across different processes, which is a big factor in Postfix's speed and stability. Postfix also handles mail intelligently by processing it in four different queues rather than a single big queue as sendmail does.

Postfix's four different queues: Maildrop queue; Incoming queue; Active queue; Deferred queue

References
ftp://ftp.isi.edu/in-notes/rfc2821.txt
ftp://ftp.isi.edu/in-notes/rfc2554.txt
ftp://ftp.isi.edu/in-notes/rfc2487.txt
Bauer, Michael D. (2002). Building Secure Servers with Linux. O'Reilly, CA