On 7 Jun 2000, at 7:20, The Flying Hamster wrote:
> On Tue, Jun 06, 2000 at 09:38:00PM +0100, Guillaume Finance wrote: >
> I've heard that someone tried to intrude a network by getting to the
> SMTP > port of the EMail server (Linux / Exim) first to get then to an
> NT Server.
>
> Unless there's a buffer overflow I've not heard of then I'm not quite
> sure how this would work.
Called SAMBA, it allows a person to access the file system of an
NT Box, quickest security measure for this is to disable server and
workstation on a client, this should solve this problem as it would
disable netbios. but exim should prevent this, as it's not as much
of a security risk as our friend (with lots of sarcasm intended)
Sendmail.
> > Also I know that we can send faked email just by getting onto the
> > SMTP port (via telnet) - does exim can prevent from this?
>
> Nope, it's a function of the smtp specification, providing the
> envelope information isn't rejected by your antu-relaying rules then
> 'faking' an email is trivial.
The only easy way is to determine if a session is going to slow.
The only way probably to remove this possibility is to lower the
command time out, but this then has the bad side effect that on
slow links, that it would time out.
Jason
---
Jason Robertson
Network Analyst
jason@???
http://www.astroadvice.com
