ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

Post on 24-Dec-2015


E-mail Security

How E-mail works

Receiving E-mail
  POP3
  IMAP

Sending E-mail
  SMTP

Various malicious uses
  Social Engineering
  Spam

How E-mail Works


E-mail Accounts

E-mail accounts are virtual addresses for sending and receiving e-mail

An e-mail account is representative of a user on a server

E-mail account names are only unique per domain
  adam@gmail.com
  adam@yahoo.com

Account Aliasing
  adam@gmail.com
  a@gmail.com
  adambrown@gmail.com

Simple Mail Transfer Protocol (25)

SMTP is at the heart of the Internet’s electronic mail system.

Client-Server architecture

No intermediate SMTP servers normally

SMTP is a push protocol

7-bit ASCII encoding required

No authentication required

Mail Message Formats

E-mail was modeled after snail-mail

Peripheral information stored in a header

Headers contain very valuable information

Body of the message follows the header

From: alice@auburn.edu
To: bob@auburn.edu
Subject: Searching for the meaning of life.

Typical Message Header

POP3 (110) vs. IMAP (143)

Mail Access Protocols

Post Office Protocol (POP3)
  Extremely simple protocol
  Client-Server architecture
  Three Phases

Internet Message Access Protocol (IMAP)
  Much more functionality than POP3
  Remote management
  Isolated component retrieval

Receiving E-mail

Spam

Phishing

Fraud

HTML E-mail

Attachment Security

Forged Headers

Tell-Tale Signs of Illegitimate Email

Unexpected Origin

Too Good to be True

Domain Mismatch

Over-Complex Language

Illogical Urgency

Embedded Web Links Mismatch

Active Content

Fake Email

Fake Email Cont.

Forged Headers


Sending E-mail

Digital Certificates

Digital Signatures

PGP and GPG

MIME Your Manners

Digital Certificates

What is a digital certificate?

Certificate Authorities

How do they work?

Asymmetric Encryption

Digital Signatures

What is a Digital Signature?

Protects
  Non-repudiation
  Data Integrity

How does it accomplish this?

The message digest

Digest comparison

PGP and GPG

Pretty Good Privacy

Asymmetric Encryption

Non-centralized web of trust

Key pairs

PGP Servers

MIME Your Manners

Multi-purpose Internet Mail Extensions

Ability to attach files

No security benefit

S/MIME

Security Benefits and Issues

Connection Security (SSL/TLS)

Secure Sockets Layer / Transport Layer Security

Most widely deployed security protocol used today

Operates on top of TCP

Lengthy handshake process

Ensures secure communication

You Know You Love It!

Where’s the Mail Room?

Mail Exchanger Records

nslookup
  Queries DNS for certain records for a given host

dig
  Domain Information Groper

host
  Normally used to convert host names to IP addresses

Find the Mail Server

google.com

yahoo.com

auburn.edu

aol.com

nslookup
> set type=mx
> domain-name.com

dig domain-name.com MX

host -t MX domain-name.com

Sending Mail via Your Favorite

Sending and Receiving Mail from the terminal is awesome!

Why is he making us do this?

What all do we have to do?

Can we take a break if we do it?