    #1
  1. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    143
    Rep Power
    13

    Hackers: what can they see in Email


    I have a question regarding what hackers can see if they happen to be watching my server traffic.

    If my server, via php, sent an email message to someone that contained text and some images, would the hacker be able to see any of the information sent?

    1. So could she see the text message ---- yes / no

    2. Could she see the images ----- yes / no

    3. Could she intercept an attachment ----- yes / no

    4. Could she intercept the whole message as if the message was going to her ------ yes / no

    Thanks for your help

    Dano
  2. #2
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    143
    Rep Power
    13
    Part II to this post is:

    Could a hacker intercept a file such as a "zip" file going to my FTP server and physically have that zip file on their machine?
  4. #3
  5. Moderator =(8^(|)
    Devshed Intermediate (1500 - 1999 posts)

    Join Date
    Feb 2002
    Location
    Sacramento, CA
    Posts
    1,710
    Rep Power
    14
    Well, assuming they can sniff packets leaving your server, they should be able to grab *anything* that you send. You could encrypt it, but they'd still be able to get a copy of the encrypted information.
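
An added illustration of the plaintext case discussed above (not part of the original thread): a mail with text, an image and a zip attachment is serialized the way it crosses the wire in an unencrypted SMTP session, then rebuilt from a copy of those bytes alone. Addresses, file names and contents are constructed sample values.

```python
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser


def build_message() -> bytes:
    """Build the kind of mail a server-side script sends; all values constructed."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "quarterly numbers (constructed sample)")
    msg = EmailMessage()
    msg["From"] = "server@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your signup"
    msg.set_content("Welcome! Your account is ready.")
    msg.add_attachment(b"\x89PNG\r\n\x1a\n(constructed image bytes)",
                       maintype="image", subtype="png", filename="logo.png")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="files.zip")
    # These bytes are what travels in the SMTP DATA phase when no TLS is used.
    return msg.as_bytes(policy=policy.SMTP)


def recover(captured: bytes) -> dict:
    """Rebuild text and attachments from a copy of the bytes; no key is involved."""
    msg = BytesParser(policy=policy.default).parsebytes(captured)
    body = msg.get_body(preferencelist=("plain",)).get_content().strip()
    files = {p.get_filename(): p.get_content() for p in msg.iter_attachments()}
    return {"text": body, "attachments": files}


def zip_members(data: bytes) -> dict:
    """List and read the members of a recovered zip attachment."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {name: zf.read(name).decode() for name in zf.namelist()}


if __name__ == "__main__":
    seen = recover(build_message())
    print(seen["text"])
    print(sorted(seen["attachments"]))
    print(zip_members(seen["attachments"]["files.zip"]))
```

The base64 in the attachment parts is a transfer encoding, not encryption; with TLS on the connection or PGP on the message, the same copy would contain only ciphertext.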
  6. #4
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    143
    Rep Power
    13
    Ok I give up......I have been thinking and thinking and thinking of a way instead of using SSL to just secure my signup and login pages. I guess there is just no 100% way of securing the distance between the client browser and the server unless you are using SSL. There are a lot of ways to slow people down but in the end I guess if a hacker is watching the packets go by then he can get in.
  8. #5
  9. Contributing User
    Devshed God 1st Plane (5500 - 5999 posts)

    Join Date
    Oct 2000
    Location
    Back in the real world.
    Posts
    5,966
    Rep Power
    190
    SSL is not 100% either, but close to that. As you said, if the hacker is skilled enough, he WILL get in.
  10. #6
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2001
    Location
    Long Beach, California
    Posts
    86
    Rep Power
    13
    It's my understanding that an attacker can only sniff packets if they are on either of the machines that is passing information back and forth. Is this correct?
  12. #7
  13. Moderator =(8^(|)
    Devshed Intermediate (1500 - 1999 posts)

    Join Date
    Feb 2002
    Location
    Sacramento, CA
    Posts
    1,710
    Rep Power
    14
    Nope.

    I'm not sure how the internet architecture works, but for a local network (as far as I know) every machine on the same subnet gets all the packets for every other machine, it just ignores them.

    For the internet, anyway, do a traceroute on yahoo.com. Every IP address that comes back has access to the packets you're sending, and those probably aren't all.
  14. #8
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    She can sniff anytime she wants; whether or not your data is useful to her or encrypted is another story. Note, sniff doesn't mean she can intercept your packet, not at all. The best way to describe intercepting packets not destined for you is so-called spoofing, and it is usually done via Zone Spoofing in DNS along with Cache Poisoning.
    Anyway, if you don't want your server to be vulnerable to such an attack, don't run BIND, run dnscache instead.
  16. #9
  17. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    143
    Rep Power
    13
    So freebsd,

    if you don't want your server to be vulnerable to such attack, don't run BIND, run dnscache instead.
    Is this done within the Webserver or where? I have not seen this before. I am using IIS 5.0 running on W2000 professional server OS.

    So what I am understanding then......if I had the above adjusted (DNScache), I could send an email with an attachment, i.e. "zip file". And because of the setting on the server (DNScache), it would make it very difficult or impossible for the hacker to intercept the attachment (zip file). In either case, I guess it would add another layer of security to the site with or without SSL.

    Thanks for your replies
  18. #10
  19. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    >> I am using IIS 5.0 running on W2000 professional server OS

    Then sorry, using IIS on win2k implies that you don't care about security. If you really do, stop using M$ as your server OS now.
    If you don't have any difficulty configuring SSL then just go for it and stop concerning yourself with packet interception because there are thousands of essential things on your todo list awaiting.
  20. #11
  21. Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2002
    Location
    london
    Posts
    10
    Rep Power
    0
    This depends on a few factors, mainly

    1. A hacker could get this information by
    a) Sniffing traffic - depends on your network - if it's switched & fairly secure - this isn't possible, once it leaves your network someone would have to have compromised a provider's router - so I'd have to say this is unlikely, nonetheless possible.

    2. Compromised your server, again if it's internal & fairly secure - an unlikely event

    But if your hacker is your internal admin team, you're not gonna hide it from them, look into PGP (encryption) for yer mails.

    <Quote>
    Then sorry, using IIS on win2k implies that you don't care about security. If you really do, stop using M$ as your server OS now.
    </Quote>

    Horses for courses really - no denying FreeBSD is a nice NIX variant - but doesn't suit everyone.
  22. #12
  23. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    >> but doesn't suit everyone

    Because many out there are technically incapable and know just point-n-click.
  24. #13
  25. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    Following on from what freebsd said, the kind of people you're going to get using IIS/Win2k are going to be technically unsound. Since IIS comes with everything turned on by default and loads of woefully insecure default filters, this is a dangerous combination.
    Alex
    (http://www.alex-greg.com)
  26. #14
  27. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    143
    Rep Power
    13
    I certainly do not want to be technically unsound.....I have been exploring apache/W2000 Server. That would be my only other alternative.

    Any comments on that combination?
  28. #15
  29. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    Any reason in particular why you can't run it on Linux? It's not as stable or secure on Win32 as it is on *NIX (though Apache 2 is attempting to change this).
    Alex
    (http://www.alex-greg.com)