Consider this an impossibility. Telnet to port 25 is the equivalent to a
SMTP communication.
There are tricks that could be done with an IDS setup such as looking
for the characteristics of telnet (individual characters per packet) and
sending a RST back to the source, but at the end of the day, what you
have accomplished is weeding out only a few crackers.
Instead, focus on hardening your email server, removing banners with
product names and revision numbers, pen-testing, and having good design
and policies for Internet accessible systems.
HTH,
--- Gavin
-----Original Message-----
From: John Hardly [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 15, 2001 14:03
Cc: [EMAIL PROTECTED]
Subject: [FW1] How to block "telnet mail.Mydomain.com 25 "
Hi all,
I'd like to know if anyone has an idea on how to block someone from
iniating commands to my sendmail thru "telnet mail.MyDomain.com 25".
Please consider both of the cases : the Mail server is behind a
firewall or Not.
Tanks.
--
John Hardly
E-mail : john (at) iav (dot) ac (dot) ma
========================================================================
========
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
========
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
