[Dshield] SMTP question answered...

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Mon Aug 8 20:21:22 GMT 2005


On Mon, 08 Aug 2005 16:03:53 EDT, Richard Golodner said:

> long before I started managing our firewalls. We basically stated to only
> allow our internal interface to be the only device which may send mail out
> of our firewall to the rest of the world.

Note that the definition of "internal interface" may not be as clean-cut as
you thought. ;)

See "The penetrating packets" http://isc.sans.org/diary.php?date=2005-07-25

(You thought this security stuff was *easy*? Stuff like that is why we get
paid the big bucks... or at least why we have grey hair... ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050808/4312d367/attachment.bin


More information about the list mailing list