tags:

views:

1166

answers:

3

I need to make a large set of tests in telnet. I am working on some ways to auto detect dictionary attacks on our email server, and then throttle them back, or blacklist them etc.

I am now ready to run some tests and see if my work pays off. I figured I would just download some script kiddy app to run the tests. I can not find any and those I can are bad or binary and non configurable.

I will have a list of addresses I generate in a loop.

I want to take $address as an argument and do this:

telnet myserver.com 25 helo some-string.com mail from: [email protected] rcpt to: $address quit

Within that, I need to test a few things, such as, if I enable greylisting, I want to fail the script, as that is my first countermeasure. I suppose in that case, I would just have telnet timeout?

  • helo should return a code string starting with 220, that is about as accurate as I need to make this test.

  • mail from should return 250, or looking for OK would suffice

  • rctp to should return 250 or Ok sometimes, when I send in a valid user, but most of the time I will send in a bad address, so I look for the absence of 250 or OK.

  • Finally, I will send in a quit.

I am not able to get conditions and logging to happen within an interactive situation. I looked at expect but could not get it to work.

My code so far:

echo -e "helo foo\nmail from: foo.... | telnet example.com 25 | grep -i blah

This did not perform as expected.

What can I do to accomplish my goal?

+3  A: 

Try netcat: http://netcat.sourceforge.net/

It'll let you send and receive data on a socket. telnet isn't what you want - it's for interactive use.

Andrew Medico
netcat's definitely the tool, but just be aware that in some organizations it might trigger malware alerts. It's not malware itself, but it's a tool that allows people to probe a network in ways that admins and security people don't feel comfortable with.
Michael Burr
A: 

I'm surprised that Expect didn't do it for you since it's written for just these kinds of things.

Perl is simpler in some ways and can get a job like this done. But with Perl, you won't bother with Telnet, you can instead open port 25 directly.

If you really want to exercise your server get the source for Siege and modify it to talk SMTP instead of HTTP. That was my favorite tool for testing Apache performance and I'm sure it wouldn't be too hard to make it test Sendmail.

John Fricker
I am playing with expect, any ideas how to do conditionals in it, that is all I need.
With some fiddling, Expect is the way to go.
+1  A: 

expect wrapped around netcat (instead of telnet) is probably the best initial bet. But, if you really need to this, I would use perl. There are SMTP client libraries for it.

mcr