Loading ...
Sorry, an error occurred while loading the content.

Re: [infoguys-list] Re: Email Security

Expand Messages
  • Ryugen C Fisher
    Hello Ricky, However .. having the right computer i.e. placed between sender and receiver is a significant problem ... you either have to be directly
    Message 1 of 10 , Jan 21, 2006
    • 0 Attachment
      Hello Ricky,


      However .. having the "right computer" i.e. placed between sender and
      receiver is a significant problem ... you either have to be directly
      upstream, OR compromise a router that is directly betwixt the two
      communicating systems ... not easy to do or within the grasp of most
      "wanna be hackers" and MOST "data professionals" -- the overwhelming
      majority of stolen mail comes from a trojan to a repository or a break
      in to the repository (I define repository as a system that sends mail,
      i.e the sender, received mail, i.e. the receiver or the several (two
      or more in almost all cases, [except for closed route secure mail {*ask
      me about Phantom Mail Servers} - hardly ever more than four and a sign
      of probably SPAM if it is] ) SMTP servers at the corporation (for those that
      run their own mail servers) or ISP's used [check your message headers
      if you want to know those servers involved with THIS message]

      PS: that is the last time I will write a letter like a programmer, but
      the "if-then" and caveats was too much fun to ignore

      simple put... LISTENING for mail in a switched packet world is a pain
      in the ass... GATHERING mail is MUCH easier.. IF your purpose is to
      get specific data about a specific party..

      The only time listening makes sense is when you don't care WHAT you
      get or from whom.. then like a trawler with a seine purse.. you gather
      everything that drifts and throw away a LOT of garbage fish before you
      find the "golden minnow" [unless you are the government and can throw a
      LOT of trawlers into the mix... but if they want your data there are
      many much more efficient ways to get it]



      Friday, January 20, 2006, 11:16:41 PM, you wrote:

      >> Rick said:
      >>
      >> > Yes and No.. Email is at it's most vulnerable for
      >> > exploitation while in transit, that's the very reason it is
      >> > intercepted..
      >>
      >>
      >> I disagree... On the most part (regarding us laymen),, because:
      >> I know I can read more emails off the sending computer and the
      > receiving
      >> computer than I can read whilst the emails were in transit.
      > (Forensically
      >> speaking - Covering my ass here). Unless your WIFI-ing around,
      > plus other
      >> stuff.

      > I don't know.. I beielve a good packet sniffer, properly set up (to
      > filter out everything but email for starters), and placed on the
      > right computer could probably net more email than a forensic
      > analysis of that same computer can....... And you don't have to be
      > using wireless for a packet sniffer to collect email...

      > However, I am speaking of remote interception, not physically being
      > at the computer that received or sent the email...

      > Also, when I say "in transit", that is to include any server that
      > the email is passing through that may have a trojan on it, that
      > someone may be using as a "zombie", or that a hacker may just "own"
      > or any router that has been "hacked" to redirect or send copies of
      > email to a certain location, or that may have been put into
      > promiscuous mode...

      > I don't think that Leif would have as much worry about someone
      > getting his email if his computer were seized by the government (not
      > if he is running a legitimate business, anyway), or with one of his
      > customers having their computer seized.. I think Leif's biggest
      > worry might be a "hacker" actually trying to intercept his email, or
      > hack the server that he has his accounts and information would be
      > on..

      > Also, having said that, I think it is probably pretty fair to say
      > that there are more "script kiddies" and "hackers", out there than
      > there are Data Recovery Specialists and Computer Forensic Experts,
      > and the "script kiddies" and "hackers" are probably alot more active
      > too.......

      > And having said all of that... Yes... A good forensic analysis of a
      > hard drive should get you every email sent from and to the computer
      > you are performing it on...

      > Take care.


      > Rick.




      > RMRI, Inc.
      > "Columbia's Premier Investigation Agency"
      > 2101 W. Broadway PMB 326, Columbia, MO. 65203

      > OFFICE: 607 N. Providence, Columbia, MO. 65203
      >
      > Phone: (636) 410-0251
      > EMERGENCY TOLL FREE LINE: (888) 571-0958
      > Fax 1: (636) 410-0257
      > Fax 2: (314) 754-8483
      >
      > Website: http://www.rmri.net
      >





      > <p><hr></p>
      > To subscribe, send an empty message to <a
      > href="mailto:infoguys-list-subscribe@yahoogroups.com">infoguys-list-subscribe@yahoogroups.com</a><br/>
      > To unsubscribe, send a message to <a
      > href="mailto:infoguys-list-unsubscribe@yahoogroups.com">infoguys-list-unsubscribe@yahoogroups.com</a><br/>
      > <p><hr></p>
      > Yahoo! Groups Links



      >






      --
      Respectfully,

      Ryugen C Fisher
      PCG-Investigations
      http://www.pcg-investigations.com
      -Serving our clients since 1984-

      mailto:mycroft@...

      6:19:02 PM Friday, January 20, 2006
    Your message has been successfully submitted and would be delivered to recipients shortly.