On Wed, 7 May 2008, Deepak Jain wrote: > > I know of a tool that a major financial institution uses when certifying > your networks security -- that scrapes the version number from your > ESTMP banner to decide whether you comply or not (and other banners). > (Rather than actually testing for a specific vulnerability). Simply > blocking all of these packets from their test host gives you a high > passing score; possibly a perfect one. [Irony and humor aside...]
Cisco PIX/ASA firewalls in SMTP fuxup mode are so incredibly broken. Possibly the worst SMTP implementation ever. Tony. -- f.anthony.n.finch <[EMAIL PROTECTED]> http://dotat.at/ FISHER GERMAN BIGHT: VARIABLE 3, BUT EASTERLY 4 OR 5 IN SOUTH GERMAN BIGHT. SLIGHT. FOG PATCHES. MODERATE OR GOOD, OCCASIONALLY VERY POOR. _______________________________________________ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog