pen-test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Pentesting Openmail Web login

from [Tremaine Lea] [Permanent Link][Original]
To: s-williams@nyc.rr.com
Subject: Re: Pentesting Openmail Web login
From: Tremaine Lea <pen-test@ddiction.com>
Date: Wed, 23 May 2007 19:56:46 -0600
Cc: listbounce@securityfocus.com, "pen-test@securityfocus.com" <pen-test@securityfocus.com>
Delivered-to: sp-com-lists@consult.net
Delivered-to: pentest-list2@consult.net
Delivered-to: mailing list pen-test@securityfocus.com
Delivered-to: moderator for pen-test@securityfocus.com
In-reply-to: <679373278-1179969881-cardhu_blackberry.rim.net-1262565111-@bxe047-cell01.bisx.prod.on.blackberry>
List-help: <mailto:pen-test-help@securityfocus.com>
List-id: <pen-test.list-id.securityfocus.com>
List-post: <mailto:pen-test@securityfocus.com>
List-subscribe: <mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list: contact pen-test-help@securityfocus.com; run by ezmlm
References: <679373278-1179969881-cardhu_blackberry.rim.net-1262565111-@bxe047-cell01.bisx.prod.on.blackberry>
Resent-date: Wed, 23 May 2007 20:30:18 -0600 (MDT)
Resent-from: pen-test-return-1078484240@securityfocus.com
Resent-message-id: <20070524023018.D1AB114411E@outgoing2.securityfocus.com>
Resent-sender: listbounce@securityfocus.com
Sender: listbounce@securityfocus.com
I'd recommend Nessus. It has plugins specifically for this type of thing and is definitely capable of a variety of brute force attacks. 


On 23-May-07, at 7:26 PM, s-williams@nyc.rr.com wrote:


Anyone have a good tool in mine?
------Original Message------
To: listbounce@securityfocus.com
To: pen-test@securityfocus.com
Sent: May 23, 2007 12:01 PM
Subject: Pentesting Openmail Web login
I am task with testing user accounts on our mail system. We currently have two systems Exchange, and OpenMail for Linux which is on the DMZ. We are interested in finding out how easy it might be for someone to guess the password of one or our users account.
And if the are sucessful what can the do on the linux box, with that username and password.
We have a main site with a link to the webmail system from there, ifi want to test this which tool might be the best for doing this since its a link and not the main page? 

Thanks in advance

"A wise man ask questions, a fool is afraid of knowledge"
---------------------------------------------------------------------- -- 
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
---------------------------------------------------------------------- -- 






------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Pentesting Openmail Web login, Brent Wolfram
Next by Date:  Re: Question about vulnerability scanning, Nikhil Wagholikar
Previous by Thread:  Re: Pentesting Openmail Web login, Brent Wolfram
Next by Thread:  Re: Pentesting Openmail Web login, sherwyn . williams
Indexes:  [Date] [Thread] [Top] [All Lists]