disabling SMTP

• Previous message (by thread): disabling SMTP
• Next message (by thread): Multiple Cisco AS5800 controlled by 1 Cisco 7206VXR
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 07:20 AM 3/29/2004, Rob Nelson wrote:


>>when smtp fixup is on (default on many older pixes, i gather that there
>>may be some improvements on newer pixes), the smtp banner
>>is mostly obscured by * characters. the intent is a classic security
>>by obscurity play, to hide the type and verison of the MTA behind
>>the pix.
>
>Okay, so this is a problem when an SMTP server is hosted behind the PIX? I 
>thought the fixup statements were for outbound connections, and with it on 
>right now I get the full banner from SMTP servers. I don't host an SMTP 
>server myself, so can't check that.

SMTP fixup is for hosts behind the firewall. That is after all what it's 
trying to protect (in theory) by mangling the SMTP protocol. :)

Vinny Abello
Network Engineer
Server Management
vinny at tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0  E935 5325 FBCB 0100 977A

Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN

There are 10 kinds of people in the world. Those who understand binary and 
those that don't.

• Previous message (by thread): disabling SMTP
• Next message (by thread): Multiple Cisco AS5800 controlled by 1 Cisco 7206VXR
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]