[1179] in WWW Security List Archive
Re: mail port [Off Topic]
daemon@ATHENA.MIT.EDU (Alec H. Peterson)
Thu Nov 16 21:30:24 1995
From: "Alec H. Peterson" <chuckie@panix.com>
To: gfoulds@asel.udel.edu (Kluge)
Date: Thu, 16 Nov 1995 18:29:49 -0500 (EST)
Cc: rfjimen@tesuque.cs.sandia.gov, www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SUN.3.91.951116144439.10659A-100000@tesla> from "Kluge" at Nov 16, 95 02:46:51 pm
Errors-To: owner-www-security@ns2.rutgers.edu
Kluge writes:
>
>It's very easy to send 'anonymous' email via port 25. You aren't
>supposed to do it, however, any user can. It is very easily trackable
>however...
I would say that calling spoofing mail 'easially trackable' is an
overstatement. Certainly it is trivial to trace it to the machine
that originated the message. But if the machine is being heavily used
(ie, has many people logged in), it is far from trivial to narrow it
down to who did it. Also, it becomes even harder if any of these
users have access to cron/at, making it possible to run the job
virtually any time without being logged in.
ALec
--
+------------------------------------+--------------------------------------+
|Alec Peterson - chuckie@panix.com | Panix Public Access UNIX and Internet|
|Network Administrator | New York City, NY |
+------------------------------------+--------------------------------------+
