Posted: Sat Jun 15, 2013 7:37 pm Post subject: email analysis
Mike is a network admin at Solar Inc. Recently he received several complaints regarding the slow responses of their Business to Business (B2B) applications. He started investigating this problem and found a big load on their daily email utilization, which changed from the usual ten thousand emails per day to a hundred thousand emails per day! He continued to check how many connections the mail servers have and where these connections are coming from. He found that there is a zombie network containing mostly IP addresses from Asia Pacific, Africa and Mexico networks. The attacker(s) was (were) sending as many messages as possible to e-mail boxes on his email servers, with the original sender residing on YAHOO and GMAIL free mail hosting in the zombie network. His mail servers were expected to be one of the mail servers which would flood targeted services by not delivering reports since each message has more than 10 invalid recipients.
Mike asked you as a forensics expert to investigate this case. Explain in detail the steps you would follow. Specify and justify the tool that you used in each step.