[84475] in North American Network Operators' Group
Re: Computer systems blamed for feeble hurricane response?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Tue Sep 13 17:54:34 2005
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Joseph S D Yao <jsdy@center.osis.gov>
Cc: Mike Tancsa <mike@sentex.net>, nanog@nanog.org
In-Reply-To: Your message of "Tue, 13 Sep 2005 17:23:12 EDT."
<20050913212312.GM16110@core.center.osis.gov>
Date: Tue, 13 Sep 2005 17:54:03 -0400
Errors-To: owner-nanog@merit.edu
In message <20050913212312.GM16110@core.center.osis.gov>, Joseph S D Yao writes
:
>On Tue, Sep 13, 2005 at 04:56:58PM -0400, Joseph S D Yao wrote:
>> On Tue, Sep 13, 2005 at 04:28:41PM -0400, Steven M. Bellovin wrote:
>> ...
>> > Telnet options, and for that matter speed, happen after the 3-way
>> > handshake. We're not getting that far.
>> >
>> > --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
>>
>> Steve, I defer to your expertise, as always. ;-]
>
>
>Nevertheless ... I went looking for comments on how this was being done,
>and found the following specualtion by a small number of different
>people.
>
>"SEF [is] unique in that it can detect what appear to be telnet
>connections to Port 25 and drop the connection. This is probably because
>telnet connections send one character at a time whereas real SMTP
>clients send all the strings at once."
>
>This would not require the 3WH, ISTM.
>
Sure it would -- until the 3-way handshake, there's no application data
flowing, and hence no characters being sent one at a time.
We'll leave to another mailing list the question of what security
benefit there is to such a feature...
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
