But there again SMTP is for some reason open on that machine and unless you are also using it as a mail server I don't see the point in making it available to the public at large. Send mail does not need to have SMTP open in order to send. This is yet another thing that confuses me about your firewall arrangements. On Nov 16, 2012 1:34 PM, "Gerald Drouillard" <[email protected]> wrote:
> On 11/16/2012 12:45 PM, Noah Mehl wrote: > > Tony, > > I just figured out an exploit in 15 minutes with the help of Google > http://www.semicomplete.com/articles/ssh-security/: > > $sudo ssh -vN -L25:localhost:25 PlcmSpIp@sipxecsip > $sudo ssh -vN -R25:localhost:25 PlcmSpIp@sipxecsip > $telnet localhost 25 > > > Of course you can telnet to port 25 (smtp) on the server to localhost. > You have sendmail running on local host. If your sendmail is configured > properly you will not be able to access port 25 for another machine or the > real ip address of the server. > > -- > Regards > -------------------------------------- > Gerald Drouillard > Technology Architect > Drouillard & Associates, Inc.http://www.Drouillard.biz > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Customers: http://myhelp.myitdepartment.net Blog: http://blog.myitdepartment.net
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
