home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!newsgate.watson.ibm.com!news.ans.net!cmcl2!rlgsc.com!gezelter
- From: gezelter@rlgsc.com
- Newsgroups: comp.os.vms
- Subject: Re: Anonymous SMTP
- Message-ID: <1992Dec18.011136.286@rlgsc.com>
- Date: 18 Dec 92 01:11:35 EST
- References: <9212171518.AA10066@ucbvax.Berkeley.EDU>
- Organization: Robert Gezelter Software Consultant, Flushing, NY
- Lines: 36
-
- In article <9212171518.AA10066@ucbvax.Berkeley.EDU>, CM3BCH11@staffordshire.ac.uk writes:
- >
- > Someone may have mentioned this, but the best way of stopping people
- > accessing port 25 is to recompile telnet with a check in the code
- > to stop people specifying port 25. Thats what i'd do.
- >
- > This won't stop people with their own copy of telnet
- >
- >
- > Tony Blews.
- > Staffordshire University
- > Computing Student
- >
- --
- Tony,
-
- My apologies for putting this in a public posting, but...
-
- You correctly note (in your last paragraph) the Achilles heal of
- this approach, namely that people may use their own copy of the
- program to access socket 25. This renders this type of approach
- worse than nothing.
-
- If you were to put this "patch" in, you would do so for the
- purpose of preventing the problem. However, all you get out of
- this is a false sense of security, which is more dangerous than
- no security at all.
-
- - Bob
- +--------------------------------------------------------------------------+
- | Robert "Bob" Gezelter E-Mail: gezelter@rlgsc.com |
- | Robert Gezelter Software Consultant Voice: +1 718 463 1079 |
- | 35-20 167th Street, Suite 215 Fax: (on Request) |
- | Flushing, New York 11358-1731 |
- | United States of America |
- +--------------------------------------------------------------------------+
-
