[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Port 25 email via telnet exploit

Subject: Re: [cobalt-users] Port 25 email via telnet exploit
From: "Danny Daniels" <dcd@xxxxxxxxxxxxxxxxxx>
Date: Tue Jun 4 08:25:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> At 11:01 PM 6/3/2002, you wrote:
> >Paul Jacobs wrote:
> >
> > > Telnet is turned off on my boxes, but you can still get to port 25 via
> > > telnet... just like you can telnet to port 80 of any webserver.
> > > It's a huge hole that not may know about..
> >
> >Let's not confuse things any more than they already are, Paul.  I'm
> >willing to bet you I can telent into your Windows SMTP server exactly
> >the same way from your DOS prompt.  It's normal behavior.  If you
> >couldn't connect to port 80, you couldn't see websites.  If you couldn't
> >connect to port 25, mail wouldn't work at all.
>
> Not true.
>
Paul,

I may be reading this wrong, but I think your confused. Telnet to port 23
and telnet to port 25 are entirly different things.

Try the following of port 25 from a shell prompt or a dos prompt, it works
just the same.

# telnet 192.168.1.1 25  # IP address of SMTP server. 25 is for port 25
# HELO
# 250 ok
# MAIL FROM: username@xxxxxxxxxx
# 250 ok
# RCPT TO: username@xxxxxxxxxx
# 250 ok
# DATA
# .

Just trying to help

-Danny

Follow-Ups:
- Re: [cobalt-users] Port 25 email via telnet exploit
  - From: Mark Ward

References:
- Re: [cobalt-users] Port 25 email via telnet exploit
  - From: Paul Jacobs
- Re: [cobalt-users] Port 25 email via telnet exploit
  - From: Paul Jacobs

Prev by Date: Re: [cobalt-users] about dedicated raq
Next by Date: Re: [cobalt-users] Port 25 email via telnet exploit
Previous by thread: Re: [cobalt-users] Port 25 email via telnet exploit
Next by thread: Re: [cobalt-users] Port 25 email via telnet exploit

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index