158 Chapter 3 • Communication Security: Remote Access and Messaging
Keeping up with security patches, hardening remote access systems, and being
aware of flaws in different remote access methods must be part of the security
professional’s daily routine.
E-mail is one of the most common means of communication used in many
parts of the world. Because e-mail travels across multiple routers, servers, and
mediums, more parties than just the recipient might be able to access the messages
or data attached to an e-mail. To protect yourself and your data, you should
consider using encryption. Encryption scrambles the contents of a message and
attachments, and then puts the contents back together on the recipient’s end. Anyone
attempting to view the data in between will generally be unable to decipher the
content. S/MIME was developed from MIME. MIME is an extension of SMTP
that provides the ability to pass different kinds of data files over the Internet,
including audio, video, images, and other types of files. MIME does not offer any
security features by itself. Developers at RSA Security created S/MIME to address
the security flaws of regular SMTP e-mail transfers. S/MIME deals with
determining how data encryption and digital certificates are to be handled.
Messages are encrypted using a symmetric cipher (method of encrypting text),
and a public-key algorithm is used for key exchange as well as digital signatures.
S/MIME can be used with the DES, 3DES, and RC2 encryption algorithms.
Philip R. Zimmermann is the creator of PGP. PGP is a third-party application
that can be installed to interact with e-mail client software. When PGP is installed,
plug-ins for Microsoft Outlook, Outlook Express, ICQ, Netscape, and other programs
can also be installed, allowing users to encrypt, decrypt, and sign messages
sent through these e-mail packages. PGP uses a combination of public and private
keys to secure e-mail. PGP encryption and key exchange are designed around the “Web
of trust” model. When PGP is run, the digital signature is compared with public
keys that are stored on a local key ring.
As with RAS, e-mail security is susceptible to its own types of vulnerabilities.
SMTP relay is one of the most commonly exploited vulnerabilities. SMTP relay is
a feature of e-mail servers that allows a message to be accepted by one SMTP
server and automatically forwarded to its destination domain by that server. SMTP
relay must be tightly controlled; otherwise the SMTP server may be forwarding
e-mail for another organization. Most e-mail server programs (Microsoft Exchange,
sendmail, and so forth) have the ability to limit the addresses that SMTP e-mail can
be relayed from.
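
The relay restriction described above comes down to one decision per recipient address. The following is an added example, not code from the book or from any mail server product; the domain, the network range, the function names, and the sample sessions are all constructed assumptions. It goes slightly beyond the text by also refusing source-routed and "percent hack" addresses, which hide an outside destination inside an address that looks local.

```python
import ipaddress

# Constructed policy values (assumptions for this example).
LOCAL_DOMAINS = {"example.org"}                           # domains we accept mail for
RELAY_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]   # hosts allowed to relay


def relay_decision(client_ip, rcpt, local_domains=LOCAL_DOMAINS,
                   relay_networks=RELAY_NETWORKS):
    """Return 'deliver', 'relay' or 'reject' for one RCPT TO address."""
    rcpt = rcpt.strip().strip("<>")
    local_part, sep, domain = rcpt.rpartition("@")
    if not sep or not local_part or not domain:
        return "reject"                   # not a usable address
    # Source routes (@hop:user@dest) and the percent hack (user%dest@us)
    # carry a second destination, so refuse them outright (conservative:
    # this also refuses rare quoted local parts containing these characters).
    if rcpt.startswith("@") or any(c in local_part for c in "%!@"):
        return "reject"
    if domain.lower().rstrip(".") in local_domains:
        return "deliver"                  # mail for our own domain: always accepted
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return "reject"                   # unparseable client address is never trusted
    if any(addr in net for net in relay_networks):
        return "relay"                    # trusted sender, outside destination
    return "reject"                       # outsider to outsider: open-relay attempt


def audit(sessions):
    """Attach the decision to each (client_ip, rcpt) pair."""
    return [(ip, rcpt, relay_decision(ip, rcpt)) for ip, rcpt in sessions]


SAMPLE_SESSIONS = [  # constructed sample input
    ("192.0.2.10", "alice@partner.example"),               # inside to outside
    ("203.0.113.5", "bob@example.org"),                    # outside to us
    ("203.0.113.5", "carol@partner.example"),              # outside to outside
    ("203.0.113.5", "carol%partner.example@example.org"),  # disguised outside
]

if __name__ == "__main__":
    for row in audit(SAMPLE_SESSIONS):
        print(*row)
```
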
E-mail has become the most popular means of transferring viruses. Viruses are
generally spread through e-mail as attachments. Executing these viruses can be
done by opening or viewing the file, by installing and/or running an attached pro-
www.syngress.com