LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-27-2005, 09:26 PM   #1
yenonn
Member
 
Registered: Feb 2003
Location: Malaysia
Distribution: Redhat 8.0, 9, Slackware 9.1
Posts: 511

Rep: Reputation: 30
block telnet port 25


hi all,

how to block telnet port 25? using iptables? it seem to be not working at all.

iptables -A INPUT -p tcp --dport 23 -j DROP

all i can do is blocking ppl from telneting my machine, but, i cant stop ppl from telnetting port 25. FYI, i am using postfix as my MTA.

actually, i can something like that if i can able to telnet port 25.

telnet mailserver.com 25
helo mailserver.com
mail from:<someone@mailserver.com>
rcpt to:<someone@mailserver.com>
data

test

.
data is been sent out with the mail with subject undisclosed recipient.

please advise. thanks
 
Old 09-27-2005, 09:39 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
If you are still wanting to receive incoming mail, you can't stop someone from telneting to the SMTP port. As long as the proper SMTP commands are sent, here is no way for the mail daemon to differentiate between a remote mail client or telnet.

If you want to block incoming mail or at least limit the IP addresses that can send you mail, then that is a different situation.
 
Old 09-27-2005, 11:25 PM   #3
chrisfirestar
Member
 
Registered: Sep 2003
Location: Adelaide, Australia
Distribution: Fedora/RH
Posts: 231

Rep: Reputation: 30
when you use telnet on a port such as 25 it is not a REAL telnet connection. You are connected to the SMTP server and using the telnet client you can issue commands directly to your server.

If you stopped the SMTP server you wont be able to telnet to it anymore.

p.s. you can do this to many services such as HTTP also and can be used to check connections and service availability
 
Old 09-29-2005, 02:16 AM   #4
yenonn
Member
 
Registered: Feb 2003
Location: Malaysia
Distribution: Redhat 8.0, 9, Slackware 9.1
Posts: 511

Original Poster
Rep: Reputation: 30
what if someone telnet port 25 and make a virus attachment through the mail? could it be possible make an attachment through telnetting?

there is anothe thing... then, i can simply impersonate a particular to sending email on behalf of him???? is that true?

then, what is the protection ?
 
Old 09-29-2005, 09:25 AM   #5
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Quote:
Originally posted by yenonn
what if someone telnet port 25 and make a virus attachment through the mail? could it be possible make an attachment through telnetting?
Yes. As already stated, when you "telnet" to port 25, you are acting as another SMTP server attempting to deliver mail to your server.
Quote:
Originally posted by yenonn
then, i can simply impersonate a particular to sending email on behalf of him???? is that true?
Yes. Have you never recieved spam before?
Quote:
Originally posted by yenonn
then, what is the protection ?
Protection against what? Imperonating someone else's email? There are no good solutions really. Some people will say that SPF provides good protection, but it doesn't. Most SMTP servers these days provide you with methods to reject mail to unknown users. But spam is simply a fact of life if you are going to run an SMTP server on today's internet.
 
Old 09-29-2005, 08:23 PM   #6
yenonn
Member
 
Registered: Feb 2003
Location: Malaysia
Distribution: Redhat 8.0, 9, Slackware 9.1
Posts: 511

Original Poster
Rep: Reputation: 30
do u think, authentication before smtp will solve the problem?
 
Old 09-30-2005, 02:34 AM   #7
chrisfirestar
Member
 
Registered: Sep 2003
Location: Adelaide, Australia
Distribution: Fedora/RH
Posts: 231

Rep: Reputation: 30
it will limit the risk to a degree because people wont be able to send anything using your SMTP server without the auth user/pass but people will still be able to telnet in and attempt, no way of stopping that. Do you recieve emails on this box? or just sending? If you are just sending you may be able to restrict the access to the SMTP server to IP's you know.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PLESK [Solution] Change port to 23 (telnet) instead of default port 8443 x5452 Linux - Software 6 05-10-2009 06:58 AM
telnet port block hfawzy Linux - Security 4 08-24-2005 07:52 PM
How to block a port, such as 21? iclinux Linux - Newbie 3 01-16-2005 01:51 PM
Level & Checks block Services (Telnet, VNC...) kt8993 Mandriva 2 10-03-2004 10:35 PM
block telnet to port 80 neil Linux - Security 4 07-01-2004 07:23 AM


All times are GMT -5. The time now is 07:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration