Security Basics mailing list archives
Re: Re: mail server vulnerability
From: Jared Curtis <jared () w00ttech com>
Date: Fri, 20 Feb 2009 10:31:16 -0800
You can't block telnet access to port 25. When you telnet to port 25 you're not connecting to telnetd, your're connecting to the smtp service. SMTP is human readable and a telnet client can display the output, you could also use netcat, to connect. Trying to block telnet access to port 25 will not work as there is nothing to block. When you connect using the telnet program you're acting just like a remote MTA. On Fri, Feb 20, 2009 at 7:37 AM, <praveen_recker () sify com> wrote:
Hi Abhishek, You can try connecting to the SMTP server using telnet,say c:/>telnet smtp_ip 25 this should not be successful....so system admins should block TELNET to SMTP servers. If successful this gives u the banner. Based upon version and vendor search for any exploits available for free (refer milw0rm, metasploit etc) if u have commercial tools(coreimpact, saint etc) it's well and good. If u are good at Perl develop ur own script and start sending attacks by changing USER names, DOMAIN names etc to overly long strings, format specifiers etc. Best Regards, Praveen Darshanam, Security Researcher, INDIA
Current thread:
- Re: mail server vulnerability, (continued)
- Re: mail server vulnerability Eitan Adler (Feb 10)
- Re: Re: mail server vulnerability viveksilla (Feb 10)
- Re: Re: mail server vulnerability ryancol (Feb 10)
- Re: mail server vulnerability Ansgar Wiechers (Feb 10)
- Re: Re: mail server vulnerability praveen_recker (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability greimer (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: mail server vulnerability Patrick J Kobly (Feb 20)
- Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Balakrishnan B (Feb 20)