Re: down to the core
--- Arnt Karlsen <arnt@c2i.net> wrote:
> On Thu, 29 Jul 2004 08:19:24 -0700 (PDT), Mike wrote in message
> <[🔎] 20040729151924.16363.qmail@web11908.mail.yahoo.com>:
> > Correct. As I remember you where running mail on port 25, it may be
>
> ..me? You find anything port 25 on my fw box, I'd like to know. ;-)
>
> > popossibleo kill the mailer and then hack on a closed port 25. If
> > your asking if having another port open will be more of a security
> > risk, then prprobablyot. The security risk comes in when you
> > acactuallytart running the server. Harden your system from
> > prprivilegescalation hahacksthen**when** a server is compromised the
> > effect is miminimal
>
Sorry about the mess yahoo's speller made. Port 25 is mail, it's almost
essential on any commercial network(you FW must pass this data). I was
merly pointing out that you could access the TCP stack in both
open(accepting) and closed(not bound) modes. Since you have open ports
that will connect to services that could be dosed to be segfaulted. Once
killed the port will still be FWed as open but not bound to any process.
It may also be posible, thought less likely, that you could trick the
program to remain bound but the app never calls accept(2).
> --
> ..med vennlig hilsen = with Kind Regards from Arnt... ;-)
> ...with a number of polar bear hunters in his ancestry...
> Scenarios always come in sets of three:
> best case, worst case, and just in case.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail
Reply to: