CAP6135: Malware and Software Vulnerability
Analysis
(Spring
2014)
Homework 1: Manually send a spam email (Due date: Mar.
23rd midnight via
WebCourse)
In this simple assignment, you will need to first log in Eustis machine, then use telnet to manually send a spam (faked) email to a special-created gmail account: "ucf.cap6135@gmail.com". From this experiment, you will understand why there are so many untrusted email around and how easy for attackers to send out spam or phishing email.
Please follow the in-class illustration (lecture 13) to send this faked email. In order to make these assignment email not be treated as the other spam email, you must follow the following specifications:
1. The sender email address must be "fake@", you can use any domain name in the sender email address EXCEPT domains belonging to UCF (i.e., do not use cs.ucf.edu, eecs.ucf.edu, knights.ucf.edu, or longwood.eecs.ucf.edu).
2. The email must have a subject line as "CAP6135:
firstname lastname". Put your name in the subject line so that
you can be credited. Otherwise I cannot tell who send this
email!
3. The email must have a "from: ..." and the "to:
...." field. These two fields are displayed when you read an
email. You can put whatever text you want on these two fields.
(HINT: they are typed in the "DATA" command section!)
4. Put in some words in the content. Must be at least two lines.
You can type in two "rcpt to:" to include your own email
address for verification in the second "rcpt to". Because EECS
email server now only support relay with a few local LAN IPs
including Eustis, so you can only use Eustis server to send
email to any email address.
Submission:
1. You need to send this spam email
AND submit your report via WebCourse before the due date/time.
2. Submit a brief report showing your
telnet interaction steps. You MUST copy the SCREENSHOT IMAGE in
your report showing the interaction steps when you create this
spam. A simple text showing the interaction is not good enough.