Yes it's possible. However the value is dubious. There's nothing I couldn't do via raw telnet that I couldn't write an application to do (or that applications don't already exist to do).
Chris -- Chris Scharff Senior Sales Engineer MessageOne If you can't measure, you can't manage! > -----Original Message----- > From: Walden H. Leverich [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 24, 2001 8:14 AM > To: Exchange Discussions > Subject: RE: Disabling telnet sessions to ports 25, 110... > > > OK, let me see if I can restate my idea so as not to offend > those that think I don't know what I'm talking about. > > Wouldn't it be possible to write a proxy server that looked > at the packets received from whatever program was sending > them and checked to see if the data portion of the packet > contained only one byte. Any telnet application I've ever > seen (in telnet or RAW mode) sent the data you typed in to > the remote socket as you typed it (one byte at a time). On > the other hand any SMTP server I've ever seen sends the HELO > command in a single packet. Yes, it would be possible to > write a program that opened the socket and sent HELO in a > single packet, but that's more work that the average bear is > about to do. Also it wouldn't be a violation of the RFC for a > SMTP server to send the HELO command a byte at a time, but > I've never seen it. > > I understand the difference between the telnet protocol and > the telnet application, but tell me why my proposal wouldn't work. > > -Walden > > PS. I'm not arguing in favour of this, I think it's more work > that it's worth and you'd be disabling a _great_ debugging > tool, but the question was posed so I answered it. > > -----Original Message----- > From: Andrew Chan [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 23, 2001 2:23 PM > To: Exchange Discussions > Subject: RE: Disabling telnet sessions to ports 25, 110... > > > Well put... People just have to realize that the TCP/IP is > not a flawless protocol, though it's the most popular. So, > they have to live with it if there are things that they can't do. > > Andrew, > MCSE (NT & W2K) + CCNA > > > -----Original Message----- > From: Benjamin Scott [mailto:[EMAIL PROTECTED]] > Posted At: Tuesday, October 23, 2001 11:11 AM > Posted To: NewsgroupDiscussion > Conversation: Disabling telnet sessions to ports 25, 110... > Subject: RE: Disabling telnet sessions to ports 25, 110... > > > On Tue, 23 Oct 2001, Walden H. Leverich wrote: > > I know this wouldn't be easy, but what if you wrote a proxy > server for > > > port 25. That proxy server would look to see if it was receiving one > > character at a time (implying telnet) or one line at a time > (implying > > another SMTP server). > > Okay, let me try to kill this misconception once again. :-) > > There is a protocol called "Telnet", described in RFC-845 > and RFC-855. It describes a "network teletype". > > There is also a program called "Telnet". It implements the > protocol described in RFC-845 and RFC-855. > > The program called "Telnet" has a second mode of operation. > If you pass a TCP port number as the second argument, > instead of opening a Telnet connection, it opens a raw TCP > connection to the host specified by the first argument. This > connection *IS NOT* the Telnet protocol. It is simply one end > of a TCP stream. When operating in this mode, the program is > indistinguishable from any other TCP program -- such as an > SMTP client. > > When one speaks of "telneting to port 25", they really > mean, "using the 'Telnet' program to open a raw TCP > connection to port 25". > > You cannot block this, any more than you can block just > Outlook Express version 5.00.2615.200 from connecting to TCP port 25. > > Sorry, folks. :-) > > -- > Ben Scott <[EMAIL PROTECTED]> > | The opinions expressed in this message are those of the > author and do > | not | necessarily represent the views or policy of any > other person, > | entity or | organization. All information is provided without > | warranty of any kind. | > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]