Hi,
From an audit perspective, you should not run services that may give out information to your attackers.
According to Nessus:
The EXPN command can be used to find the delivery address of mail aliases, or even the full name of the recipients, and the VRFY command may be used to check the validity of an account.
Your mailer should not allow remote users to use any of these commands, because it gives them too much information.
I would recommend you check what version of Sendmail you are running and establish its associated vulnerabilities. Telnet to your server on port 25 and type VRFY (there should be help on syntax) and decide whether the information it gives out is what you would like the attackers to see.
Hope I am making some sense.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: 05 July 2001 09:44
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [FW1] sendmail EXPN VRFY
Hi, all gurus:
After auditing, I was told that the following vulnerable services exist on the HPUX 10.20 workstation:
Sendmail command EXPN is enabled
Sendmail command VRFY is enabled
Any idea about this?
Thanks a lot,
Jin
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
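The manual telnet check suggested in the reply above can be scripted for a mail server you administer. This is an added example, not part of the original thread; the function names, the HELO name `audit.invalid` and the mapping of reply codes to findings are assumptions made for illustration.

```python
import smtplib
import sys

# Assumed mapping of SMTP reply codes to audit findings.
ENABLED = {250, 251}        # server confirmed or expanded the address
DISABLED = {252, 500, 502}  # declined to verify, or command unrecognised / not implemented


def classify(code):
    """Map the reply code of a VRFY or EXPN command to an audit finding."""
    if code in ENABLED:
        return "enabled"
    if code in DISABLED:
        return "disabled"
    # For example 550 for an unknown mailbox: repeat with a mailbox known to exist.
    return "inconclusive"


def audit(host, mailbox, port=25, timeout=10):
    """Issue one VRFY and one EXPN for `mailbox` and classify each reply."""
    findings = {}
    # A fixed HELO name (constructed) avoids a DNS lookup of the local host name.
    with smtplib.SMTP(host, port, local_hostname="audit.invalid",
                      timeout=timeout) as smtp:
        smtp.helo()
        for name, command in (("VRFY", smtp.verify), ("EXPN", smtp.expn)):
            code, message = command(mailbox)
            text = message.decode(errors="replace")
            findings[name] = (classify(code), code, text)
    return findings


if __name__ == "__main__":
    # Usage: python smtp_audit.py <your-mail-host> <mailbox-you-know-exists>
    host, mailbox = sys.argv[1], sys.argv[2]
    for name, (state, code, text) in audit(host, mailbox).items():
        print(f"{name}: {state} ({code} {text})")
```

A result of "enabled" for either command corresponds to the audit finding quoted in the original message; the server's reply text is printed so you can judge how much it reveals.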