[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pen-test
Subject:    Re: Sniffing packets between Outlook and Exchange
From:       Jeff King <peff-pentest () fenris ! cc>
Date:       2001-12-12 0:06:27
[Download RAW message or body]

On Tue, 11 Dec 2001, Harrington, Chris wrote:

> In an environment with Outlook 2000 acting as an Exchange client (no POP),
> is it possible to sniff the email traffic between the them?? If so, are
> there any resources on preventing this?

I looked into this several years ago. IIRC, Outlook->Exchange traffic is
tunneled through an SMB named pipe. It gets user authentication at the
SMB level.  It may also get encryption services there; I don't know.

You might try running a sniffer against your box as you submit or read a
message then grep the results for the partial contents of the message.
You can't prove that it's unsniffable by failing, but you can certainly
prove that it's sniffable by succeeding. :)

-Jeff


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

[prev in list] [next in list] [prev in thread] [next in thread]