SMTP Attack Taxonomy

Mail services are exposed to issues from both data networks and traditional mail, and, as with other technologies such as VoIP, the main purpose of the attack is fraud. In the first decades of the Internet, many attacks were carried out by groups or individuals out of intrigue or curiosity, or simply to earn bragging rights, but in most cases these motives have lost importance and money has become the main incentive for attacks.

Millions of people read emails every day and the majority of them don't have a clue (and rightly so) about the difference between things like the From: header and the envelope sender, DNS tricks, SSL certificates (certs), and all the technical concepts being discussed in this book. Still, the social impact of email is massive and that's why things like SPAM and phishing are a huge part of the global volume of SMTP traffic nowadays: because they are effective. If you think about it, with millions of malicious messages being sent, if even 0.1 percent succeed it's a considerable success for the "attacker."

It takes a spoofed From: or a simple misleading name to fool most people. This is why a problem that is potentially only social in nature has become an increasingly challenging issue, taking a considerable amount of time from every mail and security administrator's daily schedule.
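The two tricks named above, a From: header that differs from the envelope sender and a misleading display name, can be flagged mechanically on the receiving side. The following is an added example, not code from the original text; the sample messages, domains and function names are constructed, and it assumes the receiving server has recorded the envelope sender in the Return-Path header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages using reserved example/invalid domains.
SAMPLES = {
    "legit": ("Return-Path: <alerts@bank.example>\n"
              "From: Example Bank <alerts@bank.example>\n"
              "Subject: Statement\n\nbody\n"),
    "spoofed_from": ("Return-Path: <bounce@bulk.invalid>\n"
                     "From: Example Bank <alerts@bank.example>\n"
                     "Subject: Verify your account\n\nbody\n"),
    "misleading_name": ("Return-Path: <x@mailer.invalid>\n"
                        'From: "alerts@bank.example" <x@mailer.invalid>\n'
                        "Subject: Verify your account\n\nbody\n"),
}

# Matches an address-like string inside a display name and captures its domain.
ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")


def domain(addr):
    """Return the lower-cased domain part of an address ('' if none)."""
    return addr.rpartition("@")[2].lower()


def check_sender(raw):
    """Return a list of sender-consistency findings for one raw message."""
    msg = message_from_string(raw)
    _, envelope = parseaddr(msg.get("Return-Path", ""))
    name, header_from = parseaddr(msg.get("From", ""))
    findings = []
    # Envelope sender and From: are set independently by the sending side.
    # A mismatch is a signal, not a verdict: mailing lists and bulk-mail
    # providers legitimately use a different envelope domain.
    if envelope and domain(envelope) != domain(header_from):
        findings.append("envelope_mismatch")
    # A display name that itself looks like an address from another domain
    # is what many mail clients show in place of the real address.
    m = ADDR_IN_NAME.search(name)
    if m and m.group(1).lower() != domain(header_from):
        findings.append("display_name_address")
    return findings


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_sender(raw))
```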

The technical aspects involved in these malicious emails range from nonexistent (as for most SPAM and viruses) to fully exploited (email worms). Sometimes a specific technical bug and/or vulnerability greatly eases the attack process. The human factor is often the weakest link in the security chain. Computers don't (usually) lie, and you cannot (usually) fool them very easily. People trust people, and it doesn't take a complex piece of social engineering to trick a new user who is exploring the new world of online banking and redirect him or her to a malicious website that looks just like the real thing (but has radically different intentions).

The following sections describe a simple taxonomy that classifies attacks based on their main objective and what can be done to block or circumvent them:

• Alteration of data or information

• Denial of service or availability
