From owner-freebsd-security  Sat Nov 21 21:24:31 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA00847
          for freebsd-security-outgoing; Sat, 21 Nov 1998 21:24:31 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA00842
          for <freebsd-security@FreeBSD.ORG>; Sat, 21 Nov 1998 21:24:29 -0800 (PST)
          (envelope-from gdonl@tsc.tdk.com)
Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191])
	by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id VAA24822;
	Sat, 21 Nov 1998 21:23:51 -0800 (PST)
	(envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
	by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id VAA25634;
	Sat, 21 Nov 1998 21:23:50 -0800 (PST)
Received: (from gdonl@localhost)
	by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id VAA00366;
	Sat, 21 Nov 1998 21:23:44 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199811220523.VAA00366@salsa.gv.tsc.tdk.com>
Date: Sat, 21 Nov 1998 21:23:43 -0800
In-Reply-To: Marc Slemko <marcs@znep.com>
       "Re: Would this make FreeBSD more secure?" (Nov 17,  9:31am)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Marc Slemko <marcs@znep.com>, Adam Shostack <adam@homeport.org>
Subject: Re: Would this make FreeBSD more secure?
Cc: freebsd-security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Nov 17,  9:31am, Marc Slemko wrote:
} Subject: Re: Would this make FreeBSD more secure?

} Say, for example, you have a MX record pointing to a server that does have
} privileged ports.  That means that, even if the mail server does crash or
} stop listening on the port, any old user can't just bind to the port and
} steal mail.

Even better would be to quickly make enough connections to tcp port 23
(telnet) so that inetd decides this service is looping and shuts it down.
Then you can bind a socket to port 23 and harvest user names and passwords.

			---  Truck

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message