On Sat, Apr 21, 2001 at 02:12:46AM -0500, Adam Keys wrote:
> On 20 Apr 2001 18:26:00 -0400, Jonathan Freiermuth wrote:
>
> > tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0
> 1542 487/sendmail: accep
> > udp 0 0 0.0.0.0:1112 0.0.0.0:* 0
> 127022 16024/send-mail
>
> I know little about sendmail, but if I was allowed to guess, I would say
> it's just an ephermal connection between
> sendmail and a client. Following that, I would wonder why you are
> running sendmail on a firewall? :)
>
Sendmail. Yeah, I know. I wanted to receive normal system mail from the firewall. I
had root aliased to myself at my workstation. But on the external interface, port 25
is not open. The iptables rules accept connections from a relaying mail server on port
2525 on the external interface, and forward them to my mail server using the NAT
tables.
I figure if no one can hit from the outside world, it would be secure enough to run.
Just to be paranoid, I figure I'll reinstall it, with Debian, and turn off both
sendmail and sshd. I have it connected to my workstation via serial console, so I
don't need sshd anymore. Then there should be no network stuff other than the dhcp
client, which I need for access to roadrunner.
>
> --
> ,-----------------------------------------------------------------------------.
> > Adam Keys | <
> > [EMAIL PROTECTED] | Adam Keys Development <
> > ICQ# 11772935 | Ubercoder <
> > http://mk.hotweird.com/~adam | <
> ,-----------------------------------------------------------------------------.
> I wonder if I'm insecure, secure, secure about my insecurity, or secure about
> covering up my insecurity.
> `-----------------------------------------------------------------------------'
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
--
Jonathan Freiermuth
[EMAIL PROTECTED]
PGP signature
