Detecting "telnet"?
in [Postfix]
|
From: Michael J Wise on 11 Jun 2010 02:03 On Jun 10, 2010, at 9:19 PM, Victor Duchovni wrote: > On Thu, Jun 10, 2010 at 11:31:49PM +0200, Ralf Hildebrandt wrote: > >> I heard that there are firewalls/security appliances that supposedly >> can distinguish "somebody using telnet" from "a machine speaking SMTP". >> >> I must admit, it sounds feasible (timing between keystrokes etc.), but >> little useful. >> >> Anyway. Is there such a thing? Does anybody use such a thing? > > Why do you want to discriminate against "telnet 25"? Administrators of > sites that want to trouble-shoot connectivity issues with your server > will use "telnet 25" from time to time. There is no need to block > this, it is by far the least likely source of any significant spam > volume... Certainly agree. If someone IS doing it ... they have a really good reason. And you would do WELL to make it reasonably easy for them. I had to do it the other day to figure out what was going wrong with a certain hard to debug subsystem. Aloha, Michael. -- "Please have your Internet License http://kapu.net/~mjwise/ and Usenet Registration handy..."
From: Ralf Hildebrandt on 11 Jun 2010 03:57 * Victor Duchovni <Victor.Duchovni(a)morganstanley.com>: > > Anyway. Is there such a thing? Does anybody use such a thing? > > Why do you want to discriminate against "telnet 25"? What do i know? I don't do this nonsense :) 'm just asking > Administrators of sites that want to trouble-shoot connectivity issues > with your server will use "telnet 25" from time to time. There is no > need to block this, it is by far the least likely source of any > significant spam volume... Indeed. There are faster methods. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt(a)charite.de | http://www.charite.de
From: "N. Yaakov Ziskind" on 11 Jun 2010 10:43 Ralf Hildebrandt wrote (on Fri, Jun 11, 2010 at 09:57:42AM +0200): > > Administrators of sites that want to trouble-shoot connectivity issues > > with your server will use "telnet 25" from time to time. There is no > > need to block this, it is by far the least likely source of any > > significant spam volume... > > Indeed. There are faster methods. Kinda reminds me of the Donald Westlake story, which described a fine-arts painter who took to counterfeiting $20s; the Secret Service let him go with a slap on the wrist, they said, when they figured out it him hours to produce each note. :-) -- _________________________________________ Nachman Yaakov Ziskind, FSPA, LLM awacs(a)ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
From: Ralf Hildebrandt on 11 Jun 2010 12:25 * N. Yaakov Ziskind <awacs(a)ziskind.us>: > Kinda reminds me of the Donald Westlake story, which described a > fine-arts painter who took to counterfeiting $20s; the Secret Service > let him go with a slap on the wrist, they said, when they figured out > it him hours to produce each note. :-) Exactly my point. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt(a)charite.de | http://www.charite.de
From: Bryan Irvine on 11 Jun 2010 12:32 I vaguely remember managing an email server around 1997 and there was a checkbox to disable telnet access. IIRC it was Imail on windows NT 4, but that was a long time ago. I do remember thinking it was odd that they could discriminate, but it seemed to work - though I'm not sure how or why. -B On Thu, Jun 10, 2010 at 2:31 PM, Ralf Hildebrandt <Ralf.Hildebrandt(a)charite.de> wrote: > I heard that there are firewalls/security appliances that supposedly > can distinguish "somebody using telnet" from "a machine speaking SMTP". > > I must admit, it sounds feasible (timing between keystrokes etc.), but > little useful. > > Anyway. Is there such a thing? Does anybody use such a thing? > > -- > Ralf Hildebrandt > Geschäftsbereich IT | Abteilung Netzwerk > Charité - Universitätsmedizin Berlin > Campus Benjamin Franklin > Hindenburgdamm 30 | D-12203 Berlin > Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 > ralf.hildebrandt(a)charite.de | http://www.charite.de > >
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: dealing with Yahoo slowness Next: smtpd_reject_unlisted_recipient |