On Sun, Jul 13, 2008 at 4:17 PM, Kokhong Cheng <[EMAIL PROTECTED]> wrote:
> I've been confused by a conversation I've had with an old I.T. veteran. I
> asked him why he did not enable IMAP on his company's email server (instead,
> allowing POP3/SMTP). His reply was that IMAP has security concerns (but he
> did not specify what), and that IMAP was susceptible to Directory Harvest
> Attacks.
>
> I did some checking on the web, and found out that DHA is associated with
> SMTP. Nowhere did IMAP come into the picture. Since I am not an IMAP expert,
> I also did not want to challenge this IT pro who has at least a good ten
> years more experience than me.
>

Theoretically, as long as there is any detectable difference (response code, response text, time taken to respond, etc.) between a valid user and a non-valid user, you could probe for valid user accounts.

How does IMAP become more susceptible than, say, POP3? No idea - I haven't looked at IMAP. Maybe if there is a bizarre requirement in IMAP that wrong credentials must be responded to differently from a non-existent user? Otherwise, it would just be that specific implementation that is susceptible to harvesting.

I'd think that harvesting attacks, in general, are not limited to SMTP. You can potentially harvest from login fields, password reminder fields, etc. Again, depending on the implementation.
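The point made in the reply above, that harvesting depends on the implementation exposing a detectable difference, shown as an added example that is not part of the original message: a login check that leaks account existence through reply text and work done, beside one that answers identically either way. The account store, reply strings, iteration count and function names are constructed for illustration and are not taken from any real mail server.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000  # constructed value, kept low so the example runs quickly

def kdf(password: str, salt: bytes) -> bytes:
    kdf.calls += 1  # counts password-hash work, a stand-in for response time
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
kdf.calls = 0

def make_record(password: str):
    salt = os.urandom(16)
    return salt, kdf(password, salt)

# Constructed account store: username -> (salt, hash)
USERS = {"alice": make_record("correct horse")}
# Dummy record checked for unknown users so both paths do the same work
DUMMY = make_record("not a real account")

def login_leaky(user: str, password: str) -> str:
    """Tells unknown user apart from wrong password, in text and in work done."""
    rec = USERS.get(user)
    if rec is None:
        return "-ERR no such user"        # distinct text, and no hashing at all
    salt, digest = rec
    if hmac.compare_digest(kdf(password, salt), digest):
        return "+OK logged in"
    return "-ERR invalid password"

def login_uniform(user: str, password: str) -> str:
    """Same reply and same hashing work whether or not the account exists."""
    salt, digest = USERS.get(user, DUMMY)
    ok = hmac.compare_digest(kdf(password, salt), digest)
    if ok and user in USERS:
        return "+OK logged in"
    return "-ERR authentication failed"

def observe(login, user: str, password: str):
    """Return (reply, hash computations performed) for a single attempt."""
    before = kdf.calls
    reply = login(user, password)
    return reply, kdf.calls - before

if __name__ == "__main__":
    for fn in (login_leaky, login_uniform):
        for name in ("alice", "bob"):
            print(fn.__name__, name, observe(fn, name, "wrong"))
```
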
