On Thu, 9 Nov 1995, Rob Sansom wrote:
> Subject: POP Access Thru router
> There are some at my organization (upper management) who believe that there
> is little danger in allowing access to POP accounts on my Unix host thru
> our router. My attitude is that the fewer types of connections that I
> allow through the router to our internal hosts the better, and a good
> bug in my POP server, or function call that it uses. Am I being overly
> cautious (loaded question)?
Its as dangerous as any other service you provide through the router. Some more
dangerous than others. All can be used without danger if sufficient logging
and accounting exists.
As far as the dangers in allowing pop3. popcrack.c is probably the most danger
you'll experience. It allows for repetitive attempts at passwords from a
dictionary. It runs as fast as the network link between the attacking computer
and the remote host. It uses plain text from a dictionary, no encryption needed
since the POP protocol is plain text, thus it runs pretty fast.