RE: ESTMP Exploits & Security

From: Jeff McLaughlin (JMclaughlin_at_springsgov.com)
Date: 03/10/04

  • Next message: Peter Busser: "Re: Linux Distribution Recomendation"
    To: security-basics@securityfocus.com
    Date: Wed, 10 Mar 2004 08:49:45 -0700
    
    

     
    Also, exploits with telnetting to 110 i.e., POP3 ??

    -----Original Message-----
    From: Jeff McLaughlin [mailto:JMclaughlin@springsgov.com]
    Sent: Tuesday, March 09, 2004 9:50 AM
    To: security-basics@securityfocus.com
    Subject: ESTMP Exploits & Security

     

    All,

    I'm looking for info on exploits and security of ESMTP when you telnet into
    port 25. I understand how to telnet in and send email via the command line
    but trying to understand the security implications of being able to do this.
    I am currently looking at this on Exchange 5.5.

    Does ESMTP from the command line need to be "accessible" for the apps to
    work or enabled to troubleshoot?

    Are their DDOS attacks or hacks against ESMTP?

    Is there a best practice to secure ESMTP

    I've been able find info about ESMTP (commands) but not much info on the
    potential security risks.

    Thanks, jeff mclaughlin

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the
    skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: Peter Busser: "Re: Linux Distribution Recomendation"

    Relevant Pages

    • RE: Minimum password requirements
      ... say it risks decreasing security rather than improving it. ... > Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • Re: process identification
      ... IT Technical Security Officer ... the computer has an open port with a listening ftp-server, but there is no matching PID with netstat. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: ISA Server Crash
      ... Asunto: RE: ISA Server Crash ... Astaro Security Linux, the comprehensive security solution that combines six ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: Minimum password requirements
      ... I'd say it risks decreasing security rather than ... >> Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: Wireless LAN Security for Warehouse
      ... Security Consultant ... Wireless LAN Security for Warehouse ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)