Want to learn key competencies from a pro in a format that any of us at any point in our career can benefit from reviewing and practicing in the field of User Experience design, strategy and execut...Descripción completa
Well Cementing PracticesFull description
For OSP Engineers
Want to learn key competencies from a pro in a format that any of us at any point in our career can benefit from reviewing and practicing in the field of User Experience design, strategy and…Full description
Best practices for Oracle DBA. From 2004
Splunk Best Practices
Best practices for Oracle DBA. From 2004Full description
Randolph Gallegos 10/09/2014 NT2670 Unit 4 Assignment 1 SMTP Security Best Practices List and describe three SMTP server security threats.
Threat #1: Viruses Viruses Viruses have been around for years, but that doesn't make them an y less dangerous or easy to eradicate. New, more destructive viruses and worms are being unleashed at an alarming rate. e!orts indicate that " !ercent more virus attacks we re launched in $% than the !rior year. The &anuary(arch $) (ydoom virus outbreaks were the biggest the *nternet has encountered to date. Threat #$: +!am +!am is e!ected to increase to - to !ercent of total email. (oreover, the boundary between s!am and viruses is blurring. New viruses turn deskto! /0s into s!ams!ewing 2ombies. There is also a new ty!e of s!amming techni3ue called !hishing, used to du!e reci!ients into !roviding confidential !ersonal identity information. 4ou can e!ect the occurrence of these s!amvirus hybrids to increase and develo! into even more dangerous and damaging threats. The &anuary $) 05N+/5( 5ct 5ct has so far had no effect on s!am, !rimarily because *nternet technology allows s!ammers to hide their identities, and some s!ammers merely move their o!erations offshore where 6.+. laws cannot touch them. *t is also clea r from the rise of virus attacks that the threat of vigorous enforcement with severe ! enalties has not deterred virus writers either. Threat #%: 7irectory 8arvest 5ttacks 9785s 5lso called dictionary attacks, this techni3ue steals !ro!rietary information from cor!orate
directories. 7uring a 785, s!ammers attem!t to deliver messages to multi!le addresses, such as ;ohndoey the time log analysis identifies a sus!ect */ address barraging an email server with invalid delivery attem!ts, the valid addresses have long been harvested. The sobering reality is that on average, 1 !ercent or less of +(T/ connections handled by cor!orate mail servers are legitimate email. 5n estimated % to ) !ercent of inbound +(T/ connections through the cor!orate mail gateway can be traced to 7o+ and 785 attacks. These threats can overwhelm mail transfer agents 9email servers to the !oint of shutdown. 9To! " email security threats List three suggestions to harden SMPT server security.
?imit the si2e of !ermitted messages ?imit the total si2e of a single session ?imit the number of messages !er connection [email protected] ways to secure your +(T/ servers In what scenario would you require TLS encryption?
T?+ is encry!tion for the email transmission while it is going across to another mail server. The other mail server could be across the internet or across your A5N.
6se T?+ for eam!le is you are going to allow your remote users to relay mail via your mail server across the internet, as this will encry!t the username and !assword too for the smt! connection 9if you im!lement this.
*f you send sensitive emails to your !artners on a regular basis use T?+ to send email to them as this ensures the email transmission from your smt! server to their smt! server is encry!ted.
@inally use T?+ to further !rotect your 5ctive+ync, BA5 or /0C8TT/+ as o!!osed to using the weaker ++?.
/ros: the transmission is encry!ted and hence a bit more secure= also you get a sort of confirmation es!ecially between !artners that the email did come for the !artner's server.
0ons: +light load due to the encry!tion 9but very slight, if you use an *nternal 05 to get the certificates from you need to give your !ublic root cert to your !artner so that they can trust your certs and vice versa. 9T?+ !ros and cons
Works Cited Four ways to secure your SMTP servers . (n.d.). Retie!ed "om sea#h e$#hange te#h taget% http%//sea#he$#hange.te#htaget.#om/tip/&o'a*stose#'e+,T- se!esandimpo!epe"oman#e TLS pros and cons . (n.d.). Retie!ed "om ms e$#hange "o'ms% http%//"o'ms.mse$#hange.og/T+-os26ons/m10043702/tm.htm Top 5 email security threats . (n.d.). Retie!ed "om inta"o#'s.#om% http%//.inta"o#'s.#om/smtpse#'e/97933A5635 1196&A752200.htm