Penetration Testing mailing list archives
RE: TELNET and SMTP
From: "Russell Butturini" <rbutturini () tcstech com>
Date: Mon, 9 Jul 2007 16:46:42 -0500
Agreed 100%. There's nothing indicative of a problem here. The only thing I see on a day to day basis is if the company is using an external spam filtering service, but still accepting SMTP traffic from everywhere instead of just the IPs of the spam filtering service, then they could be subject to spammers/attackers bypassing the filters and not maximizing the value of what they're paying the 3rd party to do; But that's a very very specific case. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Levenglick, Jeff Sent: Monday, July 09, 2007 8:08 AM To: Thomas W Shinder; pen-test () securityfocus com Cc: Deus, Attonbitus; Greg Mulholland; jim () isatools org; Steve Moffat Subject: RE: TELNET and SMTP Thomas, Why would you close port 25? Silly statement. Why is everybody thinking that port 25 is unprotected when he got the 'standard' 553:no relay message? Someone at least turned on a few relay options on the mail configuration. (which is better then an open relay) Btw.. Open relay would have been the correct term to use if he could have sent an email instead of getting the no relay. (assuming that he forged the from field..ect) Best thing for him is to go to www.sendmail.org and read the FAQ's for relay. To be honest, I was worried about this statement: "2)What purpose do you believe that the SMTP
service provides? Does the SMTP simply recieve!?!? Thank you all,
Zach" If he is passing himself off to a company as an experienced security person and he does not know something simple as SMTP then I think he needs to move on to something else. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Thomas W Shinder Sent: Saturday, July 07, 2007 7:41 PM To: pen-test () securityfocus com Cc: Deus, Attonbitus; Greg Mulholland; jim () isatools org; Steve Moffat Subject: RE: TELNET and SMTP An unprotected port? You need to be very careful because "port attackers" and do awful things to ports. That's why we do "port scans" to look for "ports" we can take advantage of. That's why we have "hardware" firewalls, because they allow us to "open" and "close" "ports". Let the software guyz worry about any services might be located behind those "ports" -- remember the "hardware" firewalls will protect our "ports"! NOT. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- Microsoft Firewalls (ISA)
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of wymerzp () sbu edu Sent: Saturday, July 07, 2007 7:31 AM To: pen-test () securityfocus com Subject: TELNET and SMTP Hello all, I'm looking at a client's site and they have unprotected access to port 25 (i.e. I can telnet to it and issue commands). When I attempt to send an email I get this message '553 Relaying is not supported'. My question is two-fold: 1)What could I do with the unprotected SMTP access if I can't send mail. 2)What purpose do you believe that the SMTP service provides? Does the SMTP simply recieve!?!? Thank you all, Zach -------------------------------------------------------------- ---------- This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi -------------------------------------------------------------- ----------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------ ----------------------------------------- This e-mail message is private and may contain confidential or privileged information. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- RE: TELNET and SMTP, (continued)
- RE: TELNET and SMTP Shenk, Jerry A (Jul 07)
- Re: TELNET and SMTP StaticRez (Jul 07)
- Re: TELNET and SMTP Marco Ivaldi (Jul 09)
- Re: TELNET and SMTP Hans-J. Ullrich (Jul 07)
- Re: TELNET and SMTP rajat swarup (Jul 07)
- RE: TELNET and SMTP Richard Lane (Jul 08)
- Re: TELNET and SMTP A. Tom McFrog (Jul 08)
- Re: TELNET and SMTP AdamT (Jul 08)
- RE: TELNET and SMTP Thomas W Shinder (Jul 07)
- RE: TELNET and SMTP Levenglick, Jeff (Jul 09)
- RE: TELNET and SMTP Russell Butturini (Jul 09)
- RE: TELNET and SMTP Levenglick, Jeff (Jul 09)
- Re: TELNET and SMTP Levenglick, Jeff (Jul 08)