Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Backdoor not recognized by Kaspersky

From: "Matthew C. Beckman" <fulldisclosure () mnbn net>
Date: Thu, 4 Mar 2004 03:14:33 -0600
One ISP here in Israel, has tried to do something about

this.

They block all TCP traffic on port 25 (bi di) except for

there own mail

servers IP


This is happening in the United States as well.  Late last
month, Charter Communications (*.charter.net), a cable
provider, began blocking outbound TCP port 25 (inbound is
blocked as well, but that may have been done earlier).
Notice wasn't given, or at least it didn't reach any
customers I talked to.  All outgoing mail from within their
network must now go through their own SMTP server.

This isn't optimal since their mail is queued and has a 5
meg limit on file attachments.  However, simply forwarding
TCP port 26 to 25 on the remote servers will take care of
that.  Charter uses IP-authentication and doesn't
restrict/examine the headers that are sent, so you aren't
restricted too much.  It can be quite a pain for those that
check their email with a laptop from multiple locations.  At
home they can only send via Charter's SMTP server, however,
from outside the network, you have no access.  This causes
quite a mess.

This does, however, allow Charter to raise a flag if
mass-mailings are being sent out, due to a spammer or worm,
and can block it from going out.

- Matthew C. Beckman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: