Home page logo
/

basics logo Security Basics mailing list archives

RE: ESTMP Exploits & Security
From: Jeff McLaughlin <JMclaughlin () springsgov com>
Date: Wed, 10 Mar 2004 08:49:45 -0700



 
Also, exploits with telnetting to 110 i.e., POP3 ??

-----Original Message-----
From: Jeff McLaughlin [mailto:JMclaughlin () springsgov com] 
Sent: Tuesday, March 09, 2004 9:50 AM
To: security-basics () securityfocus com
Subject: ESTMP Exploits & Security



 

All,

I'm looking for info on exploits and security of ESMTP when you telnet into
port 25.  I understand how to telnet in and send email via the command line
but trying to understand the security implications of being able to do this.
I am currently looking at this on Exchange 5.5.

Does ESMTP from the command line need to be "accessible" for the apps to
work or enabled to troubleshoot?

Are their DDOS attacks or hacks against ESMTP?

Is there a best practice to secure ESMTP

I've been able find info about ESMTP (commands) but not much info on the
potential security risks.

Thanks, jeff mclaughlin

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault