> Does anybody know about a database where one can find > for any port, i.e. 25 SMTP, the possible > vulnerabilities or exploits? As mentioned before the nessus plugins database is an excellent place to look. Another area to search is vendor advisories ("port 25", "sendmail", "exchange", etc). > The objective is to evaluate and introduce the > management the risks related to the opening of > determined ports in my firewall, given some bussiness > need. Well this of course heavily depends on exactly what you do: Opening port 25 to everything, i.e. I can talk to every single machine behind the firewall on port 25. This is probably dangerous as I can now attack any mail server on your network, and I can launch protocol level attacks on everything else. Opening port 25 to one machine on your network. Have this machine heavily secured, running a mail server like Postfix. This is probably safe, and relatively easy to do. Simply define that mail server as a "SmartHost" or "RelayHost" on internal machines so all internal email bound for the internet goes through it, and setup your MX records so that all incoming mail for your domain(s) goes to it and you can then send it on to your Exchange server (or whatever). > Thanks > > Zar Cho -Kurt Seifried
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:14:53 PDT