On Sat, Apr 21, 2001 at 02:12:46AM -0500, Adam Keys wrote: > On 20 Apr 2001 18:26:00 -0400, Jonathan Freiermuth wrote: > > > tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 1542 487/sendmail: accep > > udp 0 0 0.0.0.0:1112 0.0.0.0:* 0 127022 16024/send-mail > > I know little about sendmail, but if I was allowed to guess, I would say > it's just an ephermal connection between > sendmail and a client. Following that, I would wonder why you are > running sendmail on a firewall? :) > Sendmail. Yeah, I know. I wanted to receive normal system mail from the firewall. I had root aliased to myself at my workstation. But on the external interface, port 25 is not open. The iptables rules accept connections from a relaying mail server on port 2525 on the external interface, and forward them to my mail server using the NAT tables. I figure if no one can hit from the outside world, it would be secure enough to run. Just to be paranoid, I figure I'll reinstall it, with Debian, and turn off both sendmail and sshd. I have it connected to my workstation via serial console, so I don't need sshd anymore. Then there should be no network stuff other than the dhcp client, which I need for access to roadrunner. > > -- > ,-----------------------------------------------------------------------------. > > Adam Keys | < > > akeys@mail.smu.edu | Adam Keys Development < > > ICQ# 11772935 | Ubercoder < > > http://mk.hotweird.com/~adam | < > ,-----------------------------------------------------------------------------. > I wonder if I'm insecure, secure, secure about my insecurity, or secure about > covering up my insecurity. > `-----------------------------------------------------------------------------' > > > -- > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > > -- Jonathan Freiermuth jon@gnatfart.com
Attachment:
pgpyMQYANdFyL.pgp
Description: PGP signature