security

How to check for an open relay

To see if yourserver.com is an open relay, you can run through the following sequence on any box that has a telnet client:
telnet yourserver.com 25
HELO myserver.ca
MAIL FROM:
RCPT TO:
DATA
From: "Relay Test" 
To: Mike 
Subject: Open Relay Test
This is a relay test. A properly configured mail server
should decline to relay this message.
 
.
QUIT

Wireshark and tcpdump Reference

Wireshark and tcpdump are extremely powerful network troubleshooting tools. Here are some command examples that may be useful.

Wireshark Display Filters

Show all ARP:
arp
Show ARP from a specific MAC:
arp.src.hw_mac == 00:16:D3:4A:CE:7D
Show all traffic to a specific IP:
ip.src == 10.14.1.16
Show all traffic to/from a specific IP:
ip.addr == 10.14.1.16
Show only SYN packets:
tcp.flags.syn
Show all web traffic:
tcp.port == 80

OpenSSL Tips & Tricks

Get into the correct directory:

cd /etc/pki/tls/certs

Generate key

openssl genrsa -des3 -out mike.key 4096

chmod 600 mike.key

Generate signing request

openssl req -new -key mike.key -out mike.csr

chmod 600 mike.csr

Get the CA to sign the request

openssl x509 -req -days 10000 -in mike.csr -out mike.cert \

-CA /etc/pki/tls/certs/army.ca/Army.ca_CA.cer \