Thread: OT Yahoo breach
View Single Post
  #75   Report Post  
Posted to alt.home.repair
AL AL is offline
external usenet poster
  
Posts: 11
Default OT Yahoo breach
On 9/27/2016 6:50 PM, Diesel wrote:

DNS server doesn't get your email, doesn't forward your email to
anyplace. Doesn't even know you plan to send an email and could care
less.

A DNS server can be hacked.

"How Hackers Can Hijack Your Website And Read Your Email, Without
Hacking Your Company...the attackers are also posting screenshots of
private emails sent to your company on Twitter...they can do that by
meddling with your Domain Name System (DNS) records...attackers were
able to compromise Malaysian registrar Webnic.cc, that looks after the
DNS entries Lenovo.com and some 600,000 other websites...By altering the
DNS entries for Lenovo, the hackers were able to redirect web traffic
trying to visit Lenovo.com to a web server under their control...the
Lizard Squad hackers were now able to receive emails sent to Lenovo.com,"

http://www.tripwire.com/state-of-sec...-your-company/

And your email isn't going to 'many servers'

Depends on the route.

"Internet backbones are the largest data connections on the Internet.
They require high-speed bandwidth connections and high-performance
*SERVERS* /routers."

https://www.techopedia.com/definitio...ernet-backbone

in route to the destination, either.

hacking can occur en route.

"How to Hack the Backbone of the Internet"
http://motherboard.vice.com/blog/how...f-the-internet

"The internet backbone — the infrastructure of networks upon which
internet traffic travels — went from being a passive infrastructure for
communication to an active weapon for attacks...In this case, packet
injection is used for “man-on-the-side” attacks"
https://www.wired.com/2013/11/this-i...into-a-weapon/

And it's like this actually: SMTP...

SMPT can be hacked.

"How to Extract Email Addresses from an SMTP Server"
http://null-byte.wonderhowto.com/how...erver-0160814/

So, your email goes from your client to your server then to my
server. That's how it works.

Maybe if we were hooked by a direct wire. Otherwise depending on the
route there's likely many routers/SERVERS in between.

The email isn't provided to the DNS server.

Doesn't have to be. See DNS hack above.

The MTA server is the destination. It transfers the email it got from
my server to YOUR mailbox (if possible) vs someone elses mailbox on
it.

And available to ISP personnel for their hacking enjoyment?

Your email is transferred in plain text, of course, so I could snoop
on it as it leaves and the adminstrator(s) of the destination email
server (aka, MTA) can pull it up anytime they like while their server
waits for you to login and retrieve it. If you're concerned about
that, encryption is your friend.

I'm not the paranoid one. And the chances of any of the above happening
to me or the paranoid one are nil IMO. But I don't think I can convince him.

Reply With QuoteReply With Quote