Re: SMTP vulnerabilities

From: Dave Wreski (dave@guardiandigital.com)
Date: 12/01/01


Message-ID: <3C095606.C8E2EFC@guardiandigital.com>
Date: Sat, 01 Dec 2001 17:13:26 -0500
From: Dave Wreski <dave@guardiandigital.com>
To: security-discuss@linuxsecurity.com
Subject: Re: SMTP vulnerabilities


> As you know, SMTP is vulnerable to DoS attacks (mail bombing and spamming).

Yes.

> You agree also that the solution is PGP or S/MIME.

No. PGP won't help you with SMTP. Perhaps you're thinking of something
like TLS or SMTP-AUTH which can be used to determine if a user is
authorized to send mail through the mail server. PGP only provides
encryption.

> Suppose that you are asked to detect the vulnerabilities of a LAN, how do
> you proceed to know if the SMTP server is vulnerable to DoS attacks? In
> other words, how can you check if this server uses PGP or S/MIME or at least
> IPsec?

The SMTP protocol is inherently susceptible to DoS attacks. There's no
access control to prevent someone from flooding your server with more
requests than it can handle. Also, just because it may use something
like IPsec doesn't mean it can't be DoS'd.

dave

--
Dave Wreski
Corporate Manager                           Guardian Digital, Inc.
(201) 934-9230                Pioneering.  Open Source.  Security.
dave@guardiandigital.com            http://www.guardiandigital.com
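
Added example, not part of the original message: one way to check from an EHLO reply whether a mail server you administer advertises the TLS and SMTP-AUTH extensions mentioned above, plus a declared message size limit. The sample reply, host names and finding labels are constructed for illustration.

```python
import re

# Constructed sample: a multi-line EHLO reply in RFC 5321 format from a
# hypothetical server; not captured from any real host.
SAMPLE_EHLO = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 10485760\r\n"
    "250-PIPELINING\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} for the extensions listed in an EHLO reply."""
    lines = [l for l in reply.splitlines() if l.strip()]
    exts = {}
    for i, line in enumerate(lines):
        m = re.fullmatch(r"250([- ])(.*)", line)
        if not m:
            raise ValueError(f"not a 250 reply line: {line!r}")
        # "250-" marks a continuation line; only the last line uses "250 ".
        if (m.group(1) == " ") != (i == len(lines) - 1):
            raise ValueError("malformed multi-line reply")
        if i == 0:
            continue  # first line is the greeting, not an extension
        words = re.split(r"[ =]+", m.group(2).strip())  # also accepts "AUTH=..."
        if words[0]:
            exts[words[0].upper()] = words[1:]
    return exts

def audit(reply, tls_active=False):
    """List hardening gaps visible in the reply (labels are this example's own)."""
    exts = parse_ehlo(reply)
    findings = []
    if not tls_active and "STARTTLS" not in exts:
        findings.append("no-starttls: session cannot be upgraded to TLS")
    mechs = {m.upper() for m in exts.get("AUTH", [])}
    if "AUTH" not in exts:
        findings.append("no-auth: SMTP-AUTH not advertised in this reply")
    elif not tls_active and mechs & {"PLAIN", "LOGIN"}:
        findings.append("cleartext-auth: PLAIN/LOGIN offered without TLS")
    size = exts.get("SIZE", [])
    if not size or size[0] == "0":
        findings.append("no-size-limit: no maximum message size declared")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_EHLO):
        print(finding)
```

A clean result here only shows which extensions are advertised; it says nothing about how the server behaves under a flood of connections.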