From owner-freebsd-isp@FreeBSD.ORG Mon Mar 31 10:16:13 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D225237B404 for ; Mon, 31 Mar 2003 10:16:13 -0800 (PST) Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3D1D743F93 for ; Mon, 31 Mar 2003 10:16:12 -0800 (PST) (envelope-from nate@yogotech.com) Received: from emerger.yogotech.com (emerger.yogotech.com [206.127.123.131]) by ns.yogotech.com (8.9.3p2/8.9.3) with ESMTP id LAA00183; Mon, 31 Mar 2003 11:16:05 -0700 (MST) (envelope-from nate@yogotech.com) Received: (from nate@localhost) by emerger.yogotech.com (8.12.8/8.12.8) id h2VHpYa7019043; Mon, 31 Mar 2003 10:51:34 -0700 (MST) (envelope-from nate) From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16008.32806.270326.501687@emerger.yogotech.com> Date: Mon, 31 Mar 2003 10:51:34 -0700 To: Albert Meyer In-Reply-To: <5.1.1.6.2.20030331103102.04fd5770@pop3.realtime.net> References: <5.1.1.6.2.20030331103102.04fd5770@pop3.realtime.net> X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid cc: freebsd-isp@freebsd.org Subject: Re: Sendmail exploit X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nate Williams List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2003 18:16:15 -0000 > The CERT advisory on the new Sendmail exploit seems to be saying that > Sendmail machines behind a firewall can still be exploited. If I understand things correctly, if you allow your machine to connect to outside boxes through the firewall, then it can be exploited, since it will initiate connections to external boxes that can use the connection to do bad things to your box. Nate