> > this issue also demonstrates that while we all want to go & buy that magic
> > black box marked "Secure TM" to protect corporate networks from the internet
> > nasties, the magic black box is not going to help much if it passes all
> > smtp traffic to an internal host running sendmail 5.67. nothing beats
> > understanding & a holistic approach to security.
>
> This raises an interesting point for me: smap/smtpd only lessen the chance of
> a successful attack on the host on which they're running. All versions of
> sendmail (and, I suspect, all comparably complex competing programs) are
> vulnerable to (different forms of) attack. Because smap et al. don't filter
> bogus mail carrying an attack payload, are they, in fact, providing any
> real protection to the internal network? For example, what's to stop somebody
> on the outside from launching an attack of the serious kind present in
> sendmail 8.8.4 on an internal machine via smap/smtpd running on the bastion?
smap/smtpd do filter header nasties.
as i said in my orig. mail - security is a holistic thing. i'm still
constantly amazed at the effort organisations go to to secure an internet
bastion & they leave their internal systems completely open. anyway - enough
soap-boxing.
there is nothing stopping you running smap/smtpd on your internal hosts as
well as your bastion. using tools such as smrsh & running up to date versions
of sendmail are also useful things to do.
hope this helps,
pauline
Pauline van Winsen pauline@uniq.com.au
Uniq Professional Services Pty Ltd www.uniq.com.au
PO Box 70, Paddington, NSW 2021, (Sydney) Australia
Phone: +61-2-9380-6360 Fax: +61-2-9380-6416 Pager: 016 287 000
"The ultimate goal of most girls is usually marriage rather than a
continued career in the business world."
Choosing a Girl's Career - Book 8, Woman's World, circa 1964.
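The practical advice in this reply is to run current sendmail on the internal hosts, not only on the bastion, since the bastion's smap/smtpd relays mail inward. One way a defender can keep track of that is to record the SMTP greeting banner of each of their own mail hosts during an inventory sweep and flag anything older than the version their policy requires. The script below is an added illustration of that check; it is not part of the thread and not anything the poster or TIS/smap ships. The hostnames are hypothetical, the banner lines are constructed (the version numbers 5.67 and 8.8.4 are the ones mentioned in the thread), and the minimum version passed in is a placeholder for whatever the site's policy says.

```python
import re
from typing import Dict, Optional, Tuple

# Constructed sample inventory: SMTP greeting banners as a defender might
# record them from their own hosts. Hostnames are hypothetical; 5.67 and
# 8.8.4 are the versions discussed in the thread.
SAMPLE_BANNERS: Dict[str, str] = {
    "bastion.example.internal": "220 bastion.example.internal SMTP/smap Ready.",
    "mail1.example.internal": "220 mail1.example.internal ESMTP Sendmail 5.67/1.34; Mon, 3 Feb 1997 10:00:00 +1100",
    "mail2.example.internal": "220 mail2.example.internal ESMTP Sendmail 8.8.4/8.8.4; Mon, 3 Feb 1997 10:00:00 +1100",
    "mail3.example.internal": "220 mail3.example.internal ESMTP Sendmail 8.8.5/8.8.5; Mon, 3 Feb 1997 10:00:00 +1100",
}

# Matches the daemon version in a sendmail greeting ("Sendmail 8.8.4/8.8.4").
# The part after the slash is the config-file version and is ignored here.
BANNER_RE = re.compile(r"\bSendmail (\d+(?:\.\d+)*)")

Version = Tuple[int, ...]


def parse_sendmail_version(banner: str) -> Optional[Version]:
    """Return the sendmail version from a greeting banner as a tuple of ints,
    or None if the banner does not identify itself as sendmail (e.g. smap).

    Comparing integer tuples rather than strings keeps 8.8.10 above 8.8.9."""
    match = BANNER_RE.search(banner)
    if match is None:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def audit(banners: Dict[str, str], minimum: Version) -> Dict[str, str]:
    """Classify each host as 'ok', 'outdated', or 'no-sendmail-banner'.

    Caveat: a greeting banner is whatever the administrator configured it to
    be, so this is a first pass; confirm 'ok' hosts against the package or
    binary actually installed."""
    report: Dict[str, str] = {}
    for host, banner in banners.items():
        version = parse_sendmail_version(banner)
        if version is None:
            report[host] = "no-sendmail-banner"
        elif version < minimum:
            report[host] = "outdated"
        else:
            report[host] = "ok"
    return report


if __name__ == "__main__":
    # Placeholder policy minimum; substitute the version your site requires.
    policy_minimum: Version = (8, 8, 5)
    for host, status in sorted(audit(SAMPLE_BANNERS, policy_minimum).items()):
        print(f"{host:28s} {status}")
```

Hosts reported as "no-sendmail-banner" (the smap bastion here) still need checking by hand, because the point of the thread is that the bastion's own safety says nothing about the hosts it relays to.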