Re: [Sheflug] Re: Mail server

["Chris J/#6" <nospam [at] nccnet.co.uk>]

> Looks like it's a local thing in other words ..... internal attack on 
> a commercial network ?  So, not reallt relevant to a home user who 
> wants a mail server.
> 

Disagree - there are remote exploits for various programs, some will give 
you a root shell (like the recent telnetd problem[1]) without the need for 
anything else, others could give you a non-root shell, which you could then 
use to give you a needed foot-hole to attack sendmail with.

Okay - it's two attacks instead of one, but unless you are sure that no-one 
outside can attack your box to get a shell (and even if you are sure) - 
keeping up to date with security is summat that everyone should do[2].

While the chances are slim, with the slow growth of cable and DSL always-on 
services, the chance that your box could get hit is increased, especially 
if you leave it on all day even when you aren't about to look after it.

Sendmail's had so many security holes, I wouldn't touch it with any length 
of barge pole at home or work...plus sendmail.cf is a git at the best of 
times :)

Chris...

[1] http://www.securityfocus.com/archive/1/203000
[2] I keep aware of them, but whether I take any action on them ... :)


-- 
\ Chris Johnson           \  "If not for me then, do it for yourself. If not
 \ cej [at] nccnet.co.uk        \  for then do it for the world." -- Stevie Nicks
  \ www.nccnet.co.uk/~cej/  ~-----------------------------------------+
   \ Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000 \____


___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 
To unsubscribe from this list send mail to 
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.