Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Pentesting Openmail Web login

from [R. DuFresne] Network Security [Permanent Link]
Subject: Re: Pentesting Openmail Web login
Date: Mon, 18 Jun 2007 14:51:05 -0400 (EDT) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



I gewt the impression he is asking about tools to test the strength of passwrds for the users accounts for mail. And this is an area he should beable to search the archives for, since it seems to be covered here about 3-4 times a year, much like the comparative questions about various tools threads.

Thanks,

Ron DuFresne


On Wed, 23 May 2007, Tremaine Lea wrote:

I'd recommend Nessus. It has plugins specifically for this type of thing and is definitely capable of a variety of brute force attacks.


On 23-May-07, at 7:26 PM, s-williams@nyc.rr.com wrote:

Anyone have a good tool in mine?
------Original Message------
To: listbounce@securityfocus.com
To: pen-test@securityfocus.com
Sent: May 23, 2007 12:01 PM
Subject: Pentesting Openmail Web login

I am task with testing user accounts on our mail system. We currently have two systems Exchange, and OpenMail for Linux which is on the DMZ. We are interested in finding out how easy it might be for someone to guess the password of one or our users account.

And if the are sucessful what can the do on the linux box, with that username and password.

We have a main site with a link to the webmail system from there, ifi want to test this which tool might be the best for doing this since its a link and not the main page?

Thanks in advance

"A wise man ask questions, a fool is afraid of knowledge"

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdtQdst+vzJSwZikRAoQbAJ419Jh6YWYoUCzwHwTtV0rUEELYuACdFUNm
o8y5pxnkVFkLP5ypyvtsFSs=
=aE7R
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: Pentesting Openmail Web login, R. DuFresne <=
Previous by Date:  Security and VPN, Sohail Sarwar
Next by Date:  Strange ports, killy
Previous by Thread:  Security and VPN, Sohail Sarwar
Next by Thread:  Strange ports, killy
Indexes:  [Date] [Thread] [Top] [All Lists]