Firewalls: Re: RE[2]: Stopping Fakemail

Firewalls
(April 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: RE[2]: Stopping Fakemail
From:	Adam Safier <asafier @ csc . com>
Date:	Tue, 23 Apr 96 11:54 EDT
To:	Firewalls @ GreatCircle . COM
Cc:	Brian_Murrell @ bctel . net, scox @ factset . com

>> >     Have you looked into a mailer that doesn't allow character-mode
>> > telnet?

I'm not a coder but couldn't you put in a timer function to test keystroke
times?  If too many msecondes between key strokes and too many typos or ANY
backspaces drop the link.

Of course someone could then set up a pipe or program, but you've eliminated
the novice players and the ones who know mail can modify their mailer anyway
to provide fake info.  You've also hampered your ability to test the mail
interface yourself but everything has a price.

By the way, how do you know it's telneting in and not the sender modifying
their own  systems parameters to provide the fake info?


Adam Safier
CSC-SED-Infosec
asafier @
 csc .
 com

Are Grail and Python a copycat of Java and JavaScript?  Is it even
competition?  Who needs nightmares, just read the news.

Expressed opinions are my own and might not be shared by my employer or
anyone else.

Indexed By Date	Previous:	Re: 1st http load gets error From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Indexed By Date	Next:	Firewall Blocking of JAVA From: bobk @ manzanita . DEV . 3Com . COM (Bob Konigsberg)
Indexed By Thread	Previous:	Re: RE[2]: Stopping Fakemail From: "mc @ ark . org" <mc @ ark . org>
Indexed By Thread	Next:	re: CKE and some observations on VPNs/remote encryption From: "A. Padgett Peterson P.E. Information Security" <PADGETT @ hobbes . orl . mmc . com>