E-mail hacking

5 pts.
Tags:
Application security
Database
Encryption
Instant Messaging
Microsoft Exchange
Secure Coding
How can I hack my own e-mail address? Is there software available for this (commercial or freeware)?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Well, the real question is why do you need to hack your email address? If it’s just to find the password that you used to configure outlook or a similar client, there are programs out there that can reveal the password (i.e. it “knows” what’s behind the *s), and there’s also network sniffers that can read the plain text transmission of your password.

Past that, I must say that I am reluctant to give email account cracking advice. I mean no offense, but I have no way of verifying that you are the holder of the account you want to crack, and have a liability by giving you information on how to get into it.

Thanks,
SKM

Discuss This Question: 11  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Bobkberg
    Hear, Hear! Bob
    1,070 pointsBadges:
    report
  • Petroleumman
    Hello, Sounds like you've fired a loaded question! If your the admin or part of the admin group on your network then you should have all the tools you'll need to get into anyone on your networks email box including your own. If this is not the case then I have to side with the other replys and ask myself why do I want to share such information with a complete stranger??? Good Luck!
    0 pointsBadges:
    report
  • Rfergus28
    Hack your own account? this does seem like a Fishy question. If you are for real please let us know what you are trying to aclomplish. Are you trying to see if there are security holes in your network? If your purpose is for security auditing, I would go to the vender of your email system and get their best practices sheets. and I would look up your email product on the web for know hacks. But I would agree that this does seem an odd post.
    0 pointsBadges:
    report
  • Brainstorm22
    No, I'm not looking to crack my own password. I want to make sure my system is secure. I've heard of e-mail hacking and thought if I had a better understanding I would be able to keep my e-mail secure. I though there was legit software out there. Is there a better way to check the security of my e-mail?
    5 pointsBadges:
    report
  • Rfergus28
    Again I would suggest looking to your vender for best practices. I would also search for your product on the web and see what independient reviews say about it. Look for Hacks posted on the web. Maybe look for people who use your software and have been attacked. See what happened. GFI makes good products to check for patches and open ports. but the only truely secure system is unplugged.
    0 pointsBadges:
    report
  • CesareDH
    "The only truely scure system is unplugged." You gotta love that answer....
    0 pointsBadges:
    report
  • Layer9
    Of course we should not be posting step by step instructions on how to hack mail servers, but knowing how to defend a mail server is an important part of any system admins role. But like all other defensive measures, your level of protection is based on your identified risk. For instance your risk assessments might identify that your primary concern for Email traffic is SPAM filtering, so your approach would be quite different than if your requirements included ensuring only secure trusted mail servers connect to your mail server. We have found that many small to mid sized firms require a mixture of different services to secure there email and control SPAM flooding. A good solution for securing an internal email server is to use a gateway SMTP server to accept inbound messages. Most SMTP gateway appliances and software screen for viruses, SPAM, etc. These appliances are also usually more secure than placing an Exchange or Sendmail server directly on the Internet. Now as for your exact question, you are likely referring to a common method of directly connecting to an SMTP server using telnet sessions to emualte another SMTP server. This of course is a vulnerability in most SMTP servers running on the Internet as the server must have TCP 25 open to accept inbound SMTP transfers. There are ways to secure help reduce this vulnerability. There are many 3rd party firms who act as SMTP proxies for your mail servers, accepting your mail for you on the WWW, then passing it on to your servers, SPAM and Virus free. Your SMTP servers are configured to use TCP port other than 25, usually a very high number. They connect to the SMTP proxy service using this unexpected port and are often accompanied with additional authentication processes. Alternately you could use an Application layer filtering device to filter out these bogus sessions. Of course it requires an advanced Application layer filter at that level. We have made them using protocol analyzers and scripts that look for the vty exchanges in the session, but they are tweaky. Other high end Application layer filtering devices are capable of doing this for a premium. Hope this helps. Chris Weber Layer9corp.com
    0 pointsBadges:
    report
  • Brainstorm22
    Thanks, Chris. Your response was helpful. Much appreciated!
    5 pointsBadges:
    report
  • Telecommuntion
    Its a very good contribution in discussing how a mail password is cracked. There are many such softwares where we can download and start using, but do you think by discussing so, we make people aware that there are defects in the secured networks also. To discuss such issues regarding cracking your mail passwords, etc.., please contact the vendors of the network.
    0 pointsBadges:
    report
  • Layer9
    Your welcome Brainstorm. In response to Telecommunition, please go back and read Brainstorms actual question. The question was NEVER on how to crack an email password. The question was about how to test their Email security. It was a good question, and it deserved a good answer. Chris Weber Layer9corp.com
    0 pointsBadges:
    report
  • Ursulus
    Evening all.. There are only a couple of things that you need to be absolutly sure of with regard to email. I'm making various assumptions here regarding your setup. Firstly, you need to be safe from Virus attack. The majority of AntiVirus products protect at the Exchange or SMTP level thus capturing virus' software before it gets into exchange. The other thing to be weary of is SPAM generation. It is all very well to block SPAM but the use of servers to generate SPAM is becoming common. You need to make absolutly sure your server isn't acting as a SPAM engine. The easist way to spot this in Exchange is to look at your outgoing queues and look for odd domains in the list that are being re-tried. If you find this, immediatly STOP outward email and check your settings. I recently discovered a new mechanism for generating SPAM using Non Deliver Reports on our mail server. Basically email addressed to non-existant users on our network, names like asdasdas@ etc etc were being sent with spoofed return email addresses so my server was happily sending non-delivery requests to LOT's of people.. My recommendation is turn off NDR's! Also, if you do a Google search for Open Relay, there are various sites that will check your external IP address to make sure you are not an open relay. This was all very well until the Hackers got clever. In Exchange by default the ability to Relay for an Authenticaed user is turned on... turn this off of nail it down to an IP range as there is a spam engine that manages to fake authentication. My 2c worth.. Malcolm
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following