Dig results showing mail exchange records
From our dig results in Figure 10, we see that there are 3 mail exchanger
(MX) records:
• atla-mx1.iss.net.
• mutex.netrex.com.
• chcg-mx1.iss.net.
Clearly, the iss.net hosts are of interest, so we will target one by using
telnet to connect to the SMTP port (TCP/25), as shown BELOW
glyng@TERROR [~] $ telnet atla-mx1.iss.net 25
Trying 208.21.0.9...
Connected to atla-mx1.iss.net.
Escape character is ’^]’.
220 atla-mx1.iss.net ESMTP Sendmail 8.9.3/8.9.2; Wed, 19 Jul 2000
10:43:53 -0400 (EDT)
The last line of shows the mail server introducing itself to us,
including local system time and software and version numbers.
we introduce ourselves with a false domain name. The
server, however, shows it has logged our real IP address. We now
construct an e-mail from an address capable of receiving the bounced
mail, to a mis-spelt user account, as shown in .
mail from: glyng@bigfoot.com
250 glyng@iss.net... Sender ok
rcpt to: glyngg@iss.net
250 glyngg@iss.net... Recipient ok
data
354 Enter mail, end with "." on a line by itself
Subject: testing
asd
.
250 KAA09440 Message accepted for delivery
quit
221 atla-mx1.iss.net closing connection
Connection closed by foreign host.
glyng@TERROR [~] $
From our dig results in Figure 10, we see that there are 3 mail exchanger
(MX) records:
• atla-mx1.iss.net.
• mutex.netrex.com.
• chcg-mx1.iss.net.
Clearly, the iss.net hosts are of interest, so we will target one by using
telnet to connect to the SMTP port (TCP/25), as shown BELOW
glyng@TERROR [~] $ telnet atla-mx1.iss.net 25
Trying 208.21.0.9...
Connected to atla-mx1.iss.net.
Escape character is ’^]’.
220 atla-mx1.iss.net ESMTP Sendmail 8.9.3/8.9.2; Wed, 19 Jul 2000
10:43:53 -0400 (EDT)
The last line of shows the mail server introducing itself to us,
including local system time and software and version numbers.
we introduce ourselves with a false domain name. The
server, however, shows it has logged our real IP address. We now
construct an e-mail from an address capable of receiving the bounced
mail, to a mis-spelt user account, as shown in .
mail from: glyng@bigfoot.com
250 glyng@iss.net... Sender ok
rcpt to: glyngg@iss.net
250 glyngg@iss.net... Recipient ok
data
354 Enter mail, end with "." on a line by itself
Subject: testing
asd
.
250 KAA09440 Message accepted for delivery
quit
221 atla-mx1.iss.net closing connection
Connection closed by foreign host.
glyng@TERROR [~] $
No comments:
Post a Comment