|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Mail Server testing
From: Amal Al Hajeri (moi2002
emirates.net.ae)
Date: Sat May 10 2003 - 00:17:10 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi List,
Am running a pen-test these days against mail servers that have a server
side virus scanner as well as a mail content filtering product for
inforcing the organization's mail usage policy.
I ran couple of tests including :
1.Sending viruses and worms.
2.Sending anti virus testing files from the eicar project
http://www.eicar.org/.
3.Sending renamed virus files to files with an allowed type of files
extensions.
4.Sending an archived zip files *a zip file that has been zipped for
over 4000 times* some anti viruses hang while trying to unzip this file.
5.Sending a genuine exe file renamed to an allowed type of files
extension.
6.Sending mails with wordings like *Middlesex* A University in UK.
7.Mail bombing test.
I would like to know if you have any other ideas to test server side
virus scanners and content filtering products. Also i would like to know
what is the best way to prevent mail spamming and bombing.
Thanks.
--
Amal M Al Hajeri
E/Network&Information Security
Etisalat
Head Office Bld(B) 12th floor
Abu Dhabi
UAE
P.O.Box: 3838
Tel (Office): 00971(2)2584
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]