From: Thomas W Shinder (tshinder@tacteam.net)
Date: Sat Jul 07 2007 - 19:41:12 EDT
An unprotected port? You need to be very careful because "port
attackers" and do awful things to ports. That's why we do "port scans"
to look for "ports" we can take advantage of. That's why we have
"hardware" firewalls, because they allow us to "open" and "close"
"ports".
Let the software guyz worry about any services might be located behind
those "ports" -- remember the "hardware" firewalls will protect our
"ports"!
NOT.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)
> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of wymerzp@sbu.edu
> Sent: Saturday, July 07, 2007 7:31 AM
> To: pen-test@securityfocus.com
> Subject: TELNET and SMTP
>
> Hello all,
>
> I'm looking at a client's site and they have unprotected
> access to port 25 (i.e. I can telnet to it and issue
> commands). When I attempt to send an email I get this message
> '553 Relaying is not supported'. My question is two-fold:
> 1)What could I do with the unprotected SMTP access if I can't
> send mail. 2)What purpose do you believe that the SMTP
> service provides? Does the SMTP simply recieve!?!? Thank you all, Zach
>
> --------------------------------------------------------------
> ----------
> This List Sponsored by: Cenzic
>
> Swap Out your SPI or Watchfire app sec solution for
> Cenzic's robust, accurate risk assessment and management
> solution FREE - limited Time Offer
>
> http://www.cenzic.com/wf-spi
> --------------------------------------------------------------
> ----------
>
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer
http://www.cenzic.com/wf-spi
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:56 EDT