Ssl pop imap smtp BIND FTP protocols –advantages and disadvantages

IMAP POP and SMTP protocols are used to handle email and is used either to receive or send mail via an MTA (mail transfer agent) to an email the server. The mail then uses the email header address to determine its destination and finally delivers it. Many Service providers that provide this service may maintain both mail servers as the hosting package, or provided for free either by a third party. A mail server queues the mail for processing until the recipient/mail client ( elm, Eudora, pine Netscape, Thunderbird, evolution) requests for the mail. SMTP (Simple Mail Transfer Protocol) is currently the standard for sending mail between different hosts.

Imap and Pop are the most commonly used protocols for retrieving mail from a server. In the early years,  usage of sendmail was the most prevalent server, though it was discovered later that it was vulnerable to Denial of Service (DoS) attacks. The Sendmail configuration file is the standard sendmail.cf file that defines how the email server/client setup will operate. It is a huge file and therefore it can present to administrators huge management tasks. The configuration required for the sendmail.cf file has grown in complexity. Buffer overflow, pipe attacks, and MIMEbo attacks are areas intruders can exploit. When a malicious code is inserted within an email header, it can gather basic information once it has landed in your system.

Buffer overflow attacks is another problem all together, where an attacker can feed a program with excess data than it is supposed to receive exceeding the buffer size. The main aim of this attack is to choke the system by overwriting the system memory with abitrary values outside a decreased size of array. This overwhelms the operation of the system as excess data spills into subsequent data locations. It may eventually slow the network. This problem must not be allowed to persist as a user can exploit and overtake the executing process to gain root priviledges, activities that can result to unpredictable system behavior. Mechanisms to prevent intrusion including standalone intrusion detection systems IDS.

Active Wiretap?

Is a more hostile term!  Is done through manipulating or altering the content of a communication. Passive wiretapping or eavesdropping/impersonation does not involve altering the ongoing communication.

When communication or data is carried along the cable it is transmitted in form of electrical impulses. If  a DSL/ADSL modem is used to connect your computer to the internet, signals are encoded as tones and an electromagnetic field is created. Its operatability can happen covertly in a sense that interception is undetectable. Wireless network signals are transmitted from one point to another using modulated radio frequencies.

Mail transfer agents (MTA) operates in two ways with the mail client. They can automatically transfer mail content to the local machine or wait for requests from the user to download it on the system. For medium sized companies Pop protocol seems enough. Large Companies that have huge Data to store, prefer IMAP as the medium of transferring mail. The advantage of IMAP over pop is that it does not waste CPU cycles as the mail is downloded automatically making it favorable for multiple users. Mail users need not to request or search for their mail. IMAP implementation has disk quota issues..

BIND & SNMP;
BIND is a DNS service  Berkeley Internet Name Domain is the most widely used DNS. Domain names are helpful in  several ways and one of the most important reasons is that you will not be happy to use a number of sequences every-time you send mail. If a computer wants to send information from one domain to the other, it has to ask the the DNS to translate the domain name into numeric internet address and it must include the numeric address with the request. Under the circumstances, Domain Names make it easier to memorize a domain rather than depending on an IP address. Someone can easily masquareade the nameservers of top-level Domain names owned by commercial companies.By convention, mail servers running (POP) post office protocol use port 110 and therefore TCP packets packets must contain four things. It must contain (a) the internet address of the recipient (b) the port number (c) the internet address of the sender (d) the port number of the sender.

FTP

File Transfer protocal is a method of uploading and downloading web content online. FTP possess many risks because it creates two channels during a session. One channel facilitates upload and downloads while the other one creates a command line channel CLI.

To increase security, encryption methods can be used to protect data confidentiality and integrity. Examples include using  a hierachical, certificate based PKI basically known as S/MIME, used in commercial mail handling programs such as microsoft exchange and eudora. The other approach that is individual to individual is called the PGP. SSL is a protocol designed to provide such capabilities.

%d bloggers like this: