E-Mail Virus Protection Handbook

Protect Your E-mail from Trojan Horses, Viruses, and Mobile Code Attacks

1st Edition - November 6, 2000
Author: Syngress
Language: English
Paperback ISBN:
9 7 8 - 1 - 9 2 8 9 9 4 - 2 3 - 7
eBook ISBN:
9 7 8 - 0 - 0 8 - 0 4 7 7 5 3 - 4

The E-mail Virus Protection Handbook is organised around specific e-mail clients, server environments, and anti-virus software. The first eight chapters are useful to both user… Read more

Purchase options

LIMITED OFFER

Save 50% on book bundles

Immediately download your ebook while waiting for your print delivery. No promo code is needed.

Institutional subscription on ScienceDirect

Request a sales quote

The E-mail Virus Protection Handbook is organised around specific e-mail clients, server environments, and anti-virus software. The first eight chapters are useful to both users and network professionals; later chapters deal with topics relevant mostly to professionals with an emphasis on how to use e-mail filtering software to monitor all incoming documents for malicious behaviour. In addition, the handbook shows how to scan content and counter email address forgery attacks. A chapter on mobile code applications, which use Java applets and Active X controls to infect email and, ultimately, other applications and whole systems is presented.

The book covers spamming and spoofing: Spam is the practice of sending unsolicited email to users. One spam attack can bring down an entire enterprise email system by sending thousands of bogus messages or "mailbombing," which can overload servers. Email spoofing means that users receive messages that appear to have originated from one user, but in actuality were sent from another user. Email spoofing can be used to trick users into sending sensitive information, such as passwords or account numbers, back to the spoofer.

Introduction

Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers

Introduction

Essential Concepts

Servers, Services, and Clients

Authentication and Access Control

Hackers and Attack Types

What Do Hackers Do?

Attack Types

Overview of E-mail Clients and Servers

Understanding a Mail User Agent and a Mail Transfer Agent

The Mail Delivery Agent

When Are Security Problems Introduced?

History of E-mail Attacks

The MTA and the Robert Morris Internet Worm

MDA Attacks

Analyzing Famous Attacks

Case Study

Learning from Past Attacks

Viruses

Worms

Types of Worms

Trojans

Illicit Servers

Differentiating between Trojans and Illicit Serversxiv Contents

E-mail Bombing

Sniffing Attacks

Carnivore

Spamming and Security

Common Authoring Languages

Protecting Your E-mail

Protecting E-mail Clients

Third-party Applications

Encryption

Hash Encryption and Document Signing

Summary

FAQs

Chapter 2: Securing Outlook 2000

Introduction

Common Targets, Exploits, and Weaknesses

The Address Book

The Mail Folders

Visual Basic Files

Attacks Specific to This Client

Security Updates

Enabling Filtering

Junk E-mail

Filtering Keywords

Mail Settings and Options

HTML Messages

Zone Settings

Enabling S/MIME

Why You Should Use Public Key Encryption

Installing and Enabling Pretty Good Privacy (PGP)

Understanding Public Key Encryption

Summary

FAQs

Chapter 3: Securing Outlook Express 5.0 and Eudora 4.3

Introduction

Outlook Express for Windows

Security Settings

Attachments

Outlook Express for Macintosh

Junk Mail Filter

Message Rules

Attachments

Eudora for Windows and Macintosh

Security

Attachments

Filtering

Enabling PGP for both Outlook Express and Eudora

Sending and Receiving PGP-Secured Messages

Automatic Processing of Messages

File Attachments and PGP

Summary

FAQs

Chapter 4: Web-based Mail Issues

Introduction

Choices in Web-based E-mail Services

Why Is Web-based E-mail So Popular?

The Cost of Convenience

Specific Weaknesses

Case Study

Specific Sniffer Applications

Code-based Attacks

Solving the Problem

Using Secure Sockets Layer (SSL)

Secure HTTP

Practical Implementations

Local E-mail Servers

Using PGP with Web-based E-mail

Making Yourself Anonymous

Summary

FAQs

Chapter 5: Client-Side Anti-Virus Applications

Introduction

McAfee VirusScan 5

Norton AntiVirus 2000

Trend Micro PC-cillin 2000

Summary

FAQs

Chapter 6: Mobile Code Protection

Introduction

Dynamic E-mail

Active Content

Taking Advantage of Dynamic E-mail

Dangers

No Hiding Behind the Firewall

Mobile Code

Java

Security Model

Points of Weakness

How Hackers Take Advantage

Precautions You Can Take

JavaScript

Security Model

Points of Weakness

How Hackers Take Advantage

Precautions to Take

ActiveX

Security Model

Points of Weakness

How Hackers Can Take Advantage

Precautions to Take

VBScript

Security Model

Points of Weakness

How Hackers Take Advantage

Precautions to Take

Summary

FAQs

Chapter 7: Personal Firewalls

Introduction

What Is a Personal Firewall?

Blocks Ports

Block IP Addresses

Access Control List (ACL)

Execution Control List (ECL)

Intrusion Detection

Personal Firewalls and E-mail Clients

False Positives

Network Ice BlackICE Defender 2.1

Installation

Configuration

E-mail and BlackICE

Aladdin Networks’ eSafe, Version 2.2

Installation

Configuration

E-mail and ESafe

Norton Personal Firewall 2000 2.0

Installation

Configuration

ZoneAlarm 2.1

Installation

Configuration

E-mail and ZoneAlarm

Summary

FAQs

Chapter 8: Securing Windows 2000 Advanced Server and Red Hat Linux 6 for E-mail Services

Introduction

Updating the Operating System

Microsoft Service Packs

Red Hat Linux Updates and Errata Service Packages

Disabling Unnecessary Services and Ports

Windows 2000 Advanced Server—Services to Disable

Internet Information Services (IIS)

Red Hat Linux—Services to Disable

Inetd.conf

Locking Down Ports

Well-Known and Registered Ports

Determining Ports to Block

Blocking Ports in Windows

Blocking Ports in Linux

Maintenance Issues

Microsoft Service Pack Updates, Hot Fixes, and Security Patches

Red Hat Linux Errata: Fixes and Advisories

Windows Vulnerability Scanner (ISS System Scanner)

Linux Vulnerability Scanner (WebTrends Security Analyzer)

Logging

Common Security Applications

Firewall Placement

Summary

FAQs

Chapter 9: Microsoft Exchange Server 5.5

Introduction

Securing the Exchange Server from Spam

Exchange and Virus Attacks: Myths and Realities

Learning from Recent Attacks

Exchange Maintenance

Service Packs

Plug-ins and Add-ons

Third-party Add-ons

Microsoft Utilities

Content Filtering

Attachment Scanning

Recovery

Backing Up Data

Restoring Data

Summary

FAQs

Chapter 10: Sendmail and IMAP Security

Introduction

Sendmail and Security: A Contradiction in Terms?

Sendmail’s History

Threats to SendMail Security

Fixes

Alternatives: Postfix and Qmail

Comparing Your Options

Internet Message Access Protocol (IMAP)

The IMAP Advantage

Understanding IMAP Implementations

Administering the Server

IMAP Summary

Recovery

Backing Up Data

Restoring Data

The Bottom Line on Backup

Summary

FAQs

Chapter 11: Deploying Server-side E-mail Content Filters and Scanners

Introduction

Overview of Content Filtering

Filtering by Sender

Filtering by Receiver

Subject Headings and Message Body

Overview of Attachment Scanning

Attachment Size

Attachment Type (Visual Basic, Java, ActiveX)

McAfee GroupShield

Installation of GroupShield

Configuration

Specific Settings

Trend Micro ScanMail for Exchange Server

Installation of ScanMail

Configuration

Specific Settings

Additional ScanMail Offerings

Content Technologies’ MAILsweeper for Exchange 5.5

Installation of MAILsweeper

Configuration

Specific Settings

Firewall and E-mail Content Scanning

Content Technologies MIMEsweeper for CheckPoint’s Firewall-1

Axent Raptor Firewall

Attack Detection and System Scanning

Attacks

Real-time, Third-party Services

Evinci

Securify

Summary

FAQs

Appendix: Secrets

Lesser-known Shortcuts

Under-documented Features and Functions

Disable an ActiveX Control

For Experts Only (Advanced features)

Web Pages on Mobile Code Security Topics

Outlook Web Access (OWA)

Using SendMail To Refuse E-mails with the Love Letter Virus

Troubleshooting and Optimization Tips

Index