Maybe it’s just me … but some people really tell me just too much about their infrastructure. Today I received a mail from a friend of mine, who works at a very well known company, and I decided to look at the mail header. I don’t do that all the time, just sometimes, mostly when I’m bored … Lo and behold, I learned a lot from that simple mail header.
a) they name their mailservers by location and by type. If I take the time to learn about their other global offices, I can probably guess the names of all of their servers … NICE !
b) Internally, they use an IP range assigned to the headquarters … for their outgoing traffic however, they use a range assigned to their European branch. This allows me to draw up their network architecture quite effectively. All up to their DMZ … WIN!
c) The internal mailserver shows the domain name !! Yeah, they really accommodate my laziness …
d) The mailserver shows that it is Lotus Notes … and which version … it doesn’t get any better, right ?
e) and then … I notice the name of their mail security server/appliance/whatever … I vaguely remember a press release from a certain vendor in that space from a few years ago. A quick google on $certainvendor and $certaincompany confirms my line of thought. Bingo !!
That’s all the information I need to craft an effective spear-phishing attack.
Shikata ga nai !!
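
Seen from the sending side, points a) to e) double as an audit checklist for your own outbound mail. The following is an added example, not code from the original post: a Python script that scans a message's headers for RFC 1918 addresses, internal hostnames and software/version banners. The sample headers, all host and product names, and the `internal_suffixes` parameter are constructed assumptions.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample headers; every host, IP and product name is made up.
SAMPLE = """\
Received: from mx-out.example.com (mx-out.example.com [203.0.113.25])
\tby mail.recipient.example with ESMTP id abc123; Mon, 1 Jan 2024 10:00:05 +0000
Received: from nyc-notes01.corp.example.internal ([10.20.30.40])
\tby mx-out.example.com (ExampleGateway 7.1) with ESMTP; Mon, 1 Jan 2024 10:00:03 +0000
X-Mailer: ExampleMail Release 8.5.3
From: alice@example.com
To: bob@recipient.example
Subject: hello

body
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
HOST_RE = re.compile(r"\b(?:from|by)\s+([A-Za-z0-9.-]+\.[A-Za-z]{2,})")
BANNER_RE = re.compile(r"\(([A-Za-z][A-Za-z ]*\s\d+(?:\.\d+)+)\)")
SOFTWARE_HEADERS = ("X-Mailer", "User-Agent", "X-MIMETrack")

def audit_headers(raw, internal_suffixes):
    """Return (kind, value) findings for details an outbound mail exposes."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    for hop in msg.get_all("Received", []):
        hop = " ".join(str(hop).split())  # unfold continuation lines
        for ip in IP_RE.findall(hop):
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:  # e.g. an octet above 255
                continue
            if any(addr in net for net in RFC1918):
                findings.append(("internal-ip", ip))
        for host in HOST_RE.findall(hop):
            if host.lower().endswith(tuple(internal_suffixes)):
                findings.append(("internal-hostname", host))
        findings += [("software-banner", b) for b in BANNER_RE.findall(hop)]
    for name in SOFTWARE_HEADERS:  # client/server product and version strings
        if msg[name]:
            findings.append(("software-banner", f"{name}: {msg[name]}"))
    return findings

if __name__ == "__main__":
    for kind, value in audit_headers(SAMPLE, ("corp.example.internal",)):
        print(f"{kind:18} {value}")
```

Anything it reports is a candidate for stripping or rewriting at the outbound gateway before the mail leaves the organisation.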

[...] you are sharing in something as basic as email headers. That stuff can be used against you. Looking beyond the surface … << The Security Kitchen Tags: ( data-leakage [...]