Re: ghostly mail ports
From: Brian Bruns (bruns@2mbit.com)
Date: 01/11/03
- Previous message: alexanderdelarge@hushmail.com: "Re: win2k firewall"
- In reply to: joe: "Re: ghostly mail ports"
- Next in thread: dave: "RE: ghostly mail ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 11 Jan 2003 01:17:14 -0500 To: "joe" <joseph.beard@btopenworld.com>, <cabream@ntelos.net>, <security-basics@securityfocus.com> From: Brian Bruns <bruns@2mbit.com>
At 04:20 PM 1/10/03 -0000, joe wrote:
>Yeah, I knew what the ports are for, its just that they don't seem to be
>attached to anything! I was under the impression that an open port had to
>have a process keeping it open? Or is there some mechanism by which a
>program can leave it open for later use?
Basically, for a port to be 'open', a program or service has to open the
port. When the program/service quits/dies, the port is closed also. If
the process is frozen/locked, it may still answer the port, but just not
return data or accept data.
>I have (by process of elimination) worked out its Norton AV 2003, and im not
>that worried about it. But if somebody can explain why its open that would
>be great (some technical details would be lovely ;)
I have to look this up, but, in order to support
non-outlook/outlook-express clients (I think it can be manually told to use
the old style setup proxy too), NAV will start up a pop proxy and smtp
proxy service, which actually opens the ports. In your mail client, the IP
address of your mail server setting is 127.0.0.1, which tells it to use the
localhost pop proxy/smtp proxy. When making an outgoing connection to the
mail server, your mail client talks to the proxy, which then talks on your
client's behalf to the mail server. Basically, your mail client never
actually speaks directly to the mail server. This is how it intercepts
viruses.
In the username box, instead of just your username, you have to put in
username@mail.server.com, because the POP3/SMTP server is set to localhost.
So, as long as the POP3/SMTP proxy programs are running via NAV, the ports
are open. In 2002, its easy to disable the email checking - its via the
options under e-mail scanning.
Bri
--------------------------------
Brian Bruns
Founder, The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
No spam tolerated. By sending an e-mail to this account, your
server may be subjected to an open relay/open proxy test as part
of our ongoing efforts to reduce spam.
- Next message: Juan Mejia: "suggestions for blocking dangerous mail attachments?"
- Previous message: alexanderdelarge@hushmail.com: "Re: win2k firewall"
- In reply to: joe: "Re: ghostly mail ports"
- Next in thread: dave: "RE: ghostly mail ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
