Rookie class: e-mail security risks and prevention technology

Internet e-mail is the most common use and scope of service, level of comfort for people at the same time, he also worrying security issues électronique.E-mail was leaked, falsification and counterfeiting incidents occurred, spam is miserable, e-mail Trojan attacks becoming more advanced, and it became one of the main means of attack réseau.Dans this article, the existence of security risks e-mail on technical analysis, how to enhance e-mail security, to take safety precautions efficient, firmly grasp the initiative Webmail security, given some corresponding preventive measures.

safety education, especially universal access to education and attention to confidentiality, personal computers are strictly require the installation of antivirus software and personal firewalls, virus database and system vulnerabilities patch has been updated in a timely manner, speaking for the majority of computer security systems hidden informatiquesrisques have been effectively reduced, active attacks by intruders significantly reduce the probability of success, but in Due to the popularity of the network, many families and units with the conditions on the Internet, watch a personal message to e-mail has become a part of the vie.E-mail attacks have become a primary means of network attacks, especially those with the virus, Trojans Web, Trojans, vulnerabilities and use special software to e-mail Trojan flooded the Internet user to open and read the message, horse Troy infectéet system can spread through removable storage devices, so the email security has become a security can not be ignored, and to solve problems.

Email send and receive and view e-mail There are two main ways, one is directly through the web server Mail, the other is in a separate Email client software like Outlook, Foxmail, etc. Jiapei Wu gives an infected e-mail Foxmailméthodes, Jiang Hualong and so on principle, and anti-spam techniques are analysés.Chevaux current Trojan email attacks Trojan justification of the principle of e-mail for less.

1. Analysis E-mail security risk

risk software 1.1

No software is perfect, no software is defective, but the level of danger of the sample size to provide a default email service to receive e-mail messaging server and client software defects are more or less present.

Software (1) e-mail its own shortcomings

Until now, the market for server software messaging, email client and web mail server security vulnerability existé.Messages QQ-mail to other users read loophole Elm disclose any vulnerability email Mail Security for Domino Mail Relay Vulnerability, The Bat! Password protect the bypass vulnerability, insecurity vulnerability Outlook Express identity, 263 letters express WinBox escape, bypass password Foxmailà through the holes and so suite.L existence of these vulnerabilities in the computer control the intruder, you can easily get the e-mail address and user name and password that, if the address book e-mail, you can also get other people to contact e-mail.vulnérabilités Some customer e-mail, an attacker can build the special format of the message, the message embedded in the Trojans, as long as the patch is not playing, the user opens the mail, will be the implementation of Trojans, a high security risk.

(2) Software-mail server and client issues a software configuration

email server software and client software will also occur due to misconfiguration, resulting from a higher risk of security, such as skin Cedric email reader configuration script file that contains remote vulnerabilities exist. Many administrators are not familiar with because the configuration of the mail server, set up the platform mail server, or to use only enough to consider without taking into account should be safe and reliable to use, just set in the configuration can be used for e-mail is not secure their pénétrationrisque safety test, too.

1.2

Trojan hidden email

normal message, no matter how safe operations and security risks are often from non-normal e-mail, combined with social engineering attacks on the current method of broadcasting, sending messages to the surface, there is not much difference with the regular mail, messages are often not faciledépistage.Ces as follows.

(1) Web of Troy, the message format for the page file to view the HTML of the message can not open these pages using Internet Explorer and other major defects, when you open the message, will develop the address to download Trojans and executed in the background.

(2) Trojan application vulnerabilities of security software, these messages often contain an attachment, the attachment may be the type of exe file, it could be doc, pdf, xls, ppt and other types of files, the invaders by building a special format, the software will be bundled with software or trojanfichier, when a user opens these files, they will directly implement Troyens.Il is also a more subtle, to replace those who download Trojan software, download that is a designated site to download the software Trojan is not a virus, users viewing the file, the first implementation of downloaders, Trojan downloaders and then etmise download the software implementation of an anti-virus software depends on those who download the software as normal, it will not mort.Cette approach is good for hiding, survival Trojan, security, high risk.

(3) The disclosure of hidden information, the user registration BBS forum, blog and related services in a number of companies have asked for information such as email address, and certain business individuals for commercial purposes such as e-mail will be sold at profit, Cesla disclosure of personal information can lead to security problems, a situation where personal registration information has not been screened on the network, any user can view and search via Google and other search engines can access more detailed data and information, Weihai high.

1.3 system security risks

risks to system security in the wider field of application of the system during the installation, configuration, and later during use due to improper use may cause security problems, such as download and run the software without a security check, the system is not open gaps exist ilsrisque high security risks, and not easy to prevent, often only standardized training, building management system to reduce the risk.

2. Mail Trojan technology

Web 2.1 technologies Trojan

Page Trojan is more popular in recent years as a Trojan horse technology, its principle is to use IE or Windows vulnerability component itself (usually a buffer overflow) to execute arbitrary commands (downloadable Internet Trojan horse, and hide the implementation of the Decree), more general common vulnerabilities arising from IE files deformation (deformed as ANI, Word documents, etc., IE automatically calls the default association to open it causing overflow), the components of the program (with java call to the component’s vulnerability to execute commands) The basic code is to use vbs script to download Trojans and implementation œuvre.Early Web Trojan has two main files, one for the html file to another file for the horse Troie.Si the operating system of the visitor, there are gaps in the file access page will automatically horses Troie.Comme the anti-virus software Avira later began to use the framework of web pages Trojan, for example, the framework is integrated in the normal web pages, because part of the width of the page and height are 0, so that the page will not be visual abnormalities, not easily detected., Emerging behind the use of JavaScript, JavaScript deformation encryption, CSS, Java, camouflage images and other methods convert part of the code of the web page and deformation, which makes them difficult to find and kill the anti-virus software.

Intruder

one hand the different sites, commercial sites and web portals such as placing a Trojan, control, personal computers, steal personal account, such sale to reap commercial benefits flow; Troy will also be in these pages, Web documents, a large number of spame-mail if the recipient accidentally open a web page file, the computer will be infected and transmit

Trojan, security, high risk.

file provided 2.2 technology

The basic paper delivered b.exe a.exe is attached at the end, when the a.exe is executed when b.exe also monitored the implementation of the. Earlier in the technical beam of the paper is relatively simple, relatively easy to kill documenting fixture, followed by the gradual emergence of files through the use of resources to carry out linked in the PE file resources may be arbitrary data, Trojan horse in the resources, the implementation of the normaleprogramme after the release of Trojans.

Trojans in the mail, grouped Trojan attacks are the most common form of attack, more direct, simply open the message in the bundle of documents will be implementing Troyens.Commune The following file types grouped:

(1) the installation file applications. Such an executable file disguised as an installer icon is often the installation file.

file (2) Ebook e-book.Ebook e-book is an executable file, HTML and other type of file is the file generated by compiling an executable file.

(3) Flash files Flash.fichier has two types, a flash file is executable, you can look directly launch the flash, the other is. Swf files ending with the need to separate the Flash Player.

All basic file a normal file supplied with the Trojan file, edit the file icon when grouped, the real, to attract users to open these files to control the spread of computer viruses or purpose.

2.3 application software leverages technology

vulnerabilities in application software and use Trojan horses, difficult to identify the largest danger.logiciels Office Word, PowerPoint, Excel, Adobe Reader, the browser and if books Superstar there were vulnerabilities high risk in the office every day is widely used in these files, using software vulnerabilities Trojan application, without difference between the file normalLorsque the user opens, it will open the regular implementation of programs Trojan and fichiers.Les intruders often use vulnerabilities in software applications to create Trojans, Jiang these files apparently normal attacking 给 mail attacks once they open the mail file Zhong, trojan virus infection the probability of Gao.

3. Mail Security and Protection

Mail Server 3.1 Security and protection

Mail server security is to ensure that the basic safety of operating system, because the coverage of the security of the operating system of relatively large, this paper is the assumption that, in Under the principle of security of the operating system, focusing on e-mail security, their system uses the following measures to ensure Jian Yi:

(1) update fixes vulnerabilities of the operating system.

(2) to install antivirus software and firewalls, to update the virus library, regular time to kill the virus, if the security gateway conditional use e-mail.

(3) a checklist of safety, conduct regular safety checks in accordance with the security policy.

(4) restricted access to server IP addresses, as well as e-mail provides messaging services, IP Security can do if the restrictions on the IP address to maintain confidence in network settings.

(5) to install software to be tested for safety, to ensure that no plug-ins, to ensure the software installation is “clean.”

the mail server, no matter what type of mail server configuration, server configuration, software, Internet mail server to find the current version if there are gaps, as well as articles related to the configuration safety and conduct a security assessment of associated risks and risk response measures.

3.2 Technology Security

mail client

over safety of the mail server, the mail client is the main target of attacks Trojan e-mail, do e-mail client, the security of essential safety measure in the customer mail.ordinateur E-mail must install a firewall, antivirus, and update the virus database security patches and operating système.Recommandé anti-virus software with e-mail monitoring, users can use common household the “Rising avast free + firewall! Antivirus software “combination, avast! A strong ability to monitor e-mail and Web Trojans, and the message is gratuit.Recommandations prevention Trojans following four methods:

(1) an “investigation” was mainly looking at the e-mail, if attachment, first save the attachment locally, then use the killing of antivirus software . If it is an executable file, be sure to pass the physical means of communication, ask the sender to ensure that messages from sources fiables.Proposé change the Folder Options, delete files “have hidden file extension” option, to be able to display the file name suffix to prevent intruders from changing the file suffix, true, to encourage the Trojans execution recipient.

(2) 2 “see” the primary means of seeing the message headers, as well as the address of the sender, if the message has attachments, you must first view the property schedule, attachment hidden suffix fichier.Si the mail client program to provide a way to display text, it is recommended to view the text display mode.

(3) 3 “block” is found to have been infected in the case, connect the time to take corrective action if we find the system infected by a Trojan horse, it is recommended to restore the system or reinstall the operating system.

(4) using encryption software in two ways to view and send and receive messages, such as using PGP encryption software to send and receive messages, signature certificates by path of personal trust to secure e-mail, to prevent counterfeiting, mail handling.

If you look at the e-mail accidentally infected by a Trojan e-mail must be immediately faulty network, to kill the virus, do data backup, if possible, try to restore the system, and staff report network management, system security controls nouveauveiller that the local network entirely.

4. Conclusion

This article deals with e-mail security risks, e-mail attacks became one of the main means of attack, because the message has become a daily part of the essential, most people use the Internet e-mail, if there is no message related to security lasensibilisation the message success rate Trojan invasion, whether personal, corporate, government or military, have a risk much security, document E-mail technical Trojan were studied, and finally gives some solutions pratiquese-mail against the Trojans have a reference value.

Leave a Comment