*BSD News Article 57898


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.ecn.uoknor.edu!paladin.american.edu!zombie.ncsc.mil!news.mathworks.com!newsfeed.internetmci.com!newsxfer2.itd.umich.edu!agate!holonet!colossus.holonet.net!woodybbs!john.woodstock
From: john.woodstock@woodybbs.com (John Woodstock)
Date: 02 Jan 96 20:06:00 
Newsgroups: comp.unix.bsd.misc
Subject: Internet E-Mail Security
Message-ID: <e63_9601030244@woodybbs.com>
Organization: WoodyWare Software, Inc.
Lines: 27

Hello All!

Kinda have a couple of questions:

1) We are in the process of setting up our first Internet E-Mail gateway.. UUCP
in to a BSDI box. This box sits on a small ethernet segment.. We have a
screening router on that segment.. On the other side of that router we have the
corporate backbone and another couple of BSDI boxes that everyone (about 1000
WAN based clients) will bump up against with Eudora or something similar..
The two step process was a reccomendation from an Internet Security Consultant
firm.

    a)  Is this a real overkill, or do many folks use a two step process?

    b)  The consultant said that there are know bugs in sendmail that people
can use to send a message into the machine that can reconfigure the BSDI box
and then the intruder can dial in, and take over the machine and have full
access to the network.

This sounds like a bit of a stretch.. But I've never done this before..

2nd question: Does anyone have a name of a Consultant that can come in and set
up an Internet E-Mail Gateway. This will be a multi-domain set-up..

John
--
| Internet: john.woodstock@woodybbs.com  BBS: (516) 736-6662