Security Basics mailing list archives
Re: Sender Spoofing via SMTP
From: "S.A.B.R.O. Net Security" <sabronet () indy rr com>
Date: Tue, 08 Nov 2005 07:48:51 -0500
Even if you was able to disable all the telnet clients in question, your boxes could still be molested in the same fashion using a simple HTTP (CONNECT/POST/GET)
tunnel request. -- Sincerely, William E. Hoover S.A.B.R.O. Net Security Admin www.sabronet.com sabronet () indy rr com admin () sabronet com David Gillett wrote:
Because you can't reach out and disable the telnet clients on every potential attacker's machine! Okay, what you have failed to grasp is that this is an example of using a (any!) Telnet client to connect to an arbitrary service protocol (in this case, SMTP). So although the client is a human using telnet, the protocol and service are SMTP (and NOT telnet). The presence or absence of a telnet service on the host is irrelevant. [Many open protocols are defined such that it is possible to use a telnet client in this fashion -- it can be extremely useful when trying to troubleshoot a problem, especially if one is attempting to *implement* the protocol. For whatever reason, most proprietary/closed protocols are not defined this way.] David Gillett-----Original Message-----From: Pranav Lal [mailto:pranav.lal () gmail com] Sent: Saturday, November 05, 2005 8:44 AMTo: security-basics () securityfocus com Subject: Re: Sender Spoofing via SMTP Brandon, Why not disable telnet? Pranav
Current thread:
- Re: Sender Spoofing via SMTP, (continued)
- Re: Sender Spoofing via SMTP jlopez2k5 (Nov 04)
- Re: Sender Spoofing via SMTP jalbuquerque (Nov 04)
- RE: Sender Spoofing via SMTP Tim Ballingall (Nov 04)
- RE: Sender Spoofing via SMTP Craig Wright (Nov 04)
- Re: Sender Spoofing via SMTP brandon . steili (Nov 04)
- Re: Sender Spoofing via SMTP Pranav Lal (Nov 07)
- Re: Sender Spoofing via SMTP Ansgar -59cobalt- Wiechers (Nov 07)
- Re: Sender Spoofing via SMTP Pranav Lal (Nov 09)
- Re: Sender Spoofing via SMTP Chris Moody (Nov 10)
- Re: Sender Spoofing via SMTP Pranav Lal (Nov 07)
- RE: Sender Spoofing via SMTP David Gillett (Nov 07)
- Re: Sender Spoofing via SMTP S.A.B.R.O. Net Security (Nov 08)
- Re: Sender Spoofing via SMTP Tomasz Nidecki (Nov 08)
- Re: Re: Sender Spoofing via SMTP Bryan S. Sampsel (Nov 08)
- Re: Re: Sender Spoofing via SMTP Barrie Dempster (Nov 08)