Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

A vice president at Alexander Rocco Corporation says he received a hostile e-mai

ID: 3910834 • Letter: A

Question

A vice president at Alexander Rocco Corporation says he received a hostile e-mail message from an employee in the Maui office. Human Resources has informed him that the message’s contents are grounds for termination, but the vice president wonders whether the employee actually sent the message. When confronted, the employee claims he didn’t send the message and doesn’t understand why the message shows his return address. Write a memo to the vice president, outlining the steps an employee might have taken to create an e-mail message and make it appear to come from another employee’s account. Be sure to include some SMTP commands the culprit might have used.

Explanation / Answer

Answer)

As we understand that it appears that the president at Alexander Rocco Corporation says he received a hostile e-mail message from an employee in the Maui office. HR has confirmed that this means the employee should be terminated but the employee says in his defense that he didn’t send the message and doesn’t understand why the message shows his return address. Here is a memo to the vice president, outlining the steps an employee might have taken to create an e-mail message and make it appear to come from another employee’s account. The things that we need for this will be explained step by step:

a) This trick is called forging an email used by spammers and attackers. Email is sent by SMTP servers and this can be configured to be sent an email from any address the spammer or attacker wants. The recipient would not know who sent the actual message rather than the return email id the forger wants him to see in this case the other employee id email.

b) The attacker or forger will use an email SMTP server that allows open-relaying and is unsecured. Testing the connection to the SMTP server by the attacker using command:

telnet smpt.server.name 25

smpt.server.name is the name of the SMTP server.

25 is the port.

c) If the last step succeeds and connection is established, we can type the command to impersonate someone's email account using the command:

MAIL FROM:employee1@company.com

This will create problems as above for the employee with employee1@company.com as he will be the one who will appear sending the email.

d) Attacker will set the recipient address as:

RCPT TO:boss@company.com

This will set the recipient as the above email.

e) Creating the data for the email by entering command:

DATA

We can also replace the Date with any date we want to use using command:

Date: (date you want)

We can set the subject as:

Subject: (your subject)

f) After the subject is typed, and we press Enter. Then the body can be types into the email. Thus the email is formed.

g) The forged email is sent.

The above is the way that an employee might have taken to create an e-mail message and make it appear to come from another employee’s account.

Related Questions

A vessel which contains an ice-water mixture at 0C is in thermal contact with a
Question #2204166
A vessel whose walls are thermally insulated contains 2.40kg of water and .500kg
Question #1768770
A vessel with a volume of 2 L is halffilled with water and then sealed so it con
Question #982658
A veteran of the war who left Southeast Asia in 1971 was tested in 1991, and it
Question #904551
A veterinarian amputated a swollen testicle from a zebra at a zoo and discovered
Question #320880
A veterinarian collects data on the number of times race horses are raced during
Question #3312972
A veterinarian does research on the causes of enteroliths, stones that develop i
Question #3226219
A veterinarian does research on the causes of enteroliths, stones that develop i
Question #3230155
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
A vibration sensor, used in testing a washing machine, consists of a cube of alu
Next
A vice president for marketing recruits 20 college graduates for management trai

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.