Category Archives: Mail


Advanced Ping: httping, dnsping, smtpping

I really love ping! It is easy to use and directly reveals whether the network works or not. Refer to "Why Ping is no Security Flaw! (But your Friend)" and "Advanced Tracerouting". At least outgoing pings (from trust to untrust) should be allowed without any security concerns. However, many companies are denying these ICMP echo-requests from untrust into the DMZ which makes it difficult to test whether all servers are up and running.

I was sitting at the customer’s site replacing the DMZ firewall. Of course I wanted to know (from the outside) whether all servers are connected correctly (NAT) and whether the firewall permits the connections (policy). However, ping was not allowed. Therefore I used several layer 7 ping tools that generate HTTP, DNS, or SMTP sessions (instead of ICMP echo-requests) and revealed whether the services (and not only the servers) were running. Great!

This post shows the installation and usage of httping, dnsping, and smtpping on a Linux machine, in my case an Ubuntu server 14.04.4 LTS, as well as some Wireshark screenshots from captured sessions.



Palo Alto blocks SMTP Virus with 541 Response

While preparing for some Palo Alto Networks certifications I read something about the antivirus capabilities of blocking viruses via email by sending an SMTP response code of 541 to the sender (link). This was new for me since I thought the Palo Alto would only block IP connections (TCP RST) but not send layer 7 messages (SMTP codes). But actually, it does so by spoofing the IP address of the destination SMTP host. Cool stuff. Of course, I needed to test this. Here we go. 😉



Encrypting E-Mail Transmission

There is currently a lot of talk about surveillance measures on the Internet, and especially about the blanket recording of ordinary users' traffic. And while large companies can deploy encryption techniques in a targeted way, the average person hardly has the knowledge to do anything serious against the recording of their data. Yet it is not that hard to at least secure the transmission of one's own e-mails to one's provider with appropriate measures. Whether this locks out the international intelligence services remains questionable, but at least it significantly limits the reading of private e-mails by unauthorized parties on the Internet! So here is an explanation, including some screenshots of the common e-mail programs and smartphones, for transmitting your own e-mails over an encrypted channel.