Security Basics mailing list archives
Re: Re: mail server vulnerability
From: "Atilla Remote Support" <info () atilla dhs org>
Date: Fri, 20 Feb 2009 18:15:16 +0100
Hi Praveen. Can you tell me how to disable telnet login to the smtp port? I've got telnet daemon disabled on a server, but still I can telnet to port 25. However this does not mean that people can do email relaying because the MTA takes care of that. Also the banner name is changed so people can't see which mta and which version is running, it's stating a fake application and version number. But I still would like how to block telnet access to port 25 on a linux machine (Centos 5.2). Regards, Richard. ----- Original Message ----- From: <praveen_recker () sify com> To: <security-basics () securityfocus com> Sent: Friday, February 20, 2009 4:37 PM Subject: Re: Re: mail server vulnerability
Hi Abhishek, You can try connecting to the SMTP server using telnet,say c:/>telnet smtp_ip 25 this should not be successful....so system admins should block TELNET to SMTP servers. If successful this gives u the banner. Based upon version and vendor search for any exploits available for free (refer milw0rm, metasploit etc) if u have commercial tools(coreimpact, saint etc) it's well and good. If u are good at Perl develop ur own script and start sending attacks by changing USER names, DOMAIN names etc to overly long strings, format specifiers etc. Best Regards, Praveen Darshanam, Security Researcher, INDIA
Current thread:
- mail server vulnerability Abhishek Kumar (Feb 09)
- Re: mail server vulnerability p3dRø (Feb 09)
- RE: mail server vulnerability Nick Vaernhoej (Feb 09)
- Re: mail server vulnerability Eitan Adler (Feb 10)
- <Possible follow-ups>
- Re: Re: mail server vulnerability viveksilla (Feb 10)
- Re: Re: mail server vulnerability ryancol (Feb 10)
- Re: mail server vulnerability Ansgar Wiechers (Feb 10)
- Re: Re: mail server vulnerability praveen_recker (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability greimer (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: mail server vulnerability Patrick J Kobly (Feb 20)
- Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Atilla Remote Support (Feb 20)
- Re: Re: mail server vulnerability Balakrishnan B (Feb 20)