ESTMP Exploits & Security

From: Jeff McLaughlin (JMclaughlin_at_springsgov.com)
Date: 03/09/04

Next message: Mark Medici: "RE: GOTOMYPC Corporate?"

Previous message: Jeremy McBane: "Security Appliances"
Next in thread: Jeff McLaughlin: "RE: ESTMP Exploits & Security"
Maybe reply: Jeff McLaughlin: "RE: ESTMP Exploits & Security"
Maybe reply: JTH: "RE: ESTMP Exploits & Security"
Maybe reply: Dante Mercurio: "RE: ESTMP Exploits & Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: security-basics@securityfocus.com
Date: Tue, 9 Mar 2004 09:49:38 -0700

All,

I'm looking for info on exploits and security of ESMTP when you telnet into
port 25. I understand how to telnet in and send email via the command line
but trying to understand the security implications of being able to do this.
I am currently looking at this on Exchange 5.5.

Does ESMTP from the command line need to be "accessible" for the apps to
work or enabled to troubleshoot?

Are their DDOS attacks or hacks against ESMTP?

Is there a best practice to secure ESMTP

I've been able find info about ESMTP (commands) but not much info on the
potential security risks.

Thanks, jeff mclaughlin

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Next message: Mark Medici: "RE: GOTOMYPC Corporate?"

Previous message: Jeremy McBane: "Security Appliances"
Next in thread: Jeff McLaughlin: "RE: ESTMP Exploits & Security"
Maybe reply: Jeff McLaughlin: "RE: ESTMP Exploits & Security"
Maybe reply: JTH: "RE: ESTMP Exploits & Security"
Maybe reply: Dante Mercurio: "RE: ESTMP Exploits & Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

how to exploit the ESMTP service
... I'm looking for info on exploits and security of ESMTP when you telnet into ... but trying to understand the security implications of being able to do this. ... Does ESMTP from the command line need to be "accessible" for the apps to ...
(Pen-Test)
RE: ESTMP Exploits & Security
... Subject: ESTMP Exploits & Security ... I'm looking for info on exploits and security of ESMTP when you telnet into ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
(Security-Basics)
ESMTP service
... I'm looking for info on exploits and security of ESMTP when you telnet into ... but trying to understand the security implications of being able to do this. ... Does ESMTP from the command line need to be "accessible" for the apps to ...
(Security-Basics)
RE: ESTMP Exploits & Security
... > I'm looking for info on exploits and security of ESMTP when you telnet ... > Are their DDOS attacks or hacks against ESMTP? ... I've heard mention of a postfix SMTP gateway, but that's not a very good ... breaking the mail server, as most servers do not use this. ...
(Security-Basics)
Re: ESMTP service
... I understand how to telnet in and send email via the ... Does ESMTP from the command line need to be "accessible" for the apps ... Are their DDOS attacks or hacks against ESMTP? ...
(Security-Basics)