I work with multiuser system on a college campus. So far security is pretty
good, with no known break ins. We currently run TCP wrappers, and
courtney, and have run COPS, SATAN, and Crack 4.1f, as well as replaced
/bin/passwd.
However, we have a problem with people sending fakemail with the smtp
daemon, by telnetting to port 25 and manually sending mail. Obviously we
can not stop people from telnetting to sites off campus, but is is possible
to stop it on campus? So far, no solutions have been found. Any
help/suggestions would be greatly appreciated, if it is even possible.
Btw, the main workhorses of the system are two Sun Sparc (SunOS 4.1.3)
stations and one VAX. The VAX has smtp and pop3 running, and only smtp on
the two sunos machines.
Thanks in advance,
J. Mulligan
_________________________________________________________
John P. Mulligan <mulligaj @
lafayette .
edu>
PGP PUBLIC KEY available at http://www.lafayette.edu/~mulligaj
_________________________________________________________
"Perhaps you think your Email is legitimate enough that encryption is
unwarranted. If you really are a law-abiding citizen with nothing to hide,
then why don't you always send your paper mail on postcards? ... Are
you trying to hide something?" --- Pretty Good Privacy (PGP) Manual
|
|
