Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Lotus Notes
From: Kevin Flynn <mailtech2 () YAHOO COM>
Date: Wed, 27 Sep 2000 11:29:14 -0700

Lotus Notes uses Port 1352 for it's Remote Procedure
Call and Notes Replication. If you want to run a Lotus
Notes Server, then port 1352 typically needs to be
open, or another port should be defined in the
Notes.ini file.

Typically companies have this port open to perform
replication with remote hub servers (whether they be
mail, application, etc.) via TCP/IP.  A good
configuration will encrypt all such traffic, but
server-side security must also be well defined.  If
not (won't go into the details of Domino server
security here), leaving this port open through the
firewall could leave your mail server wide open to
spoofing.


--- D V <mysecurite () YAHOO FR> wrote:
Hi everybody,

I would like to have your opinion regarding a point
on
Lotus Notes Security. Imagine you have a Lotus Notes
Server connecting to the Internet, you can have
access
to databases througth HTTP and access to the TCP
port
1352 (Lotus Notes port).

So what is the risk associated to have the 1352 port
open on the Internet ? Intrusion, DoS ?
And how to exploit the vulnerability ?

Thanks by Advance.


___________________________________________________________
Do You Yahoo!? -- Pour dialoguer en direct avec vos
amis,
Yahoo! Messenger : http://fr.messenger.yahoo.com


__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault