Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.ecn.uoknor.edu!paladin.american.edu!zombie.ncsc.mil!news.mathworks.com!newsfeed.internetmci.com!newsxfer2.itd.umich.edu!agate!holonet!colossus.holonet.net!woodybbs!john.woodstock From: john.woodstock@woodybbs.com (John Woodstock) Date: 02 Jan 96 20:06:00 Newsgroups: comp.unix.bsd.misc Subject: Internet E-Mail Security Message-ID: <e63_9601030244@woodybbs.com> Organization: WoodyWare Software, Inc. Lines: 27 Hello All! Kinda have a couple of questions: 1) We are in the process of setting up our first Internet E-Mail gateway.. UUCP in to a BSDI box. This box sits on a small ethernet segment.. We have a screening router on that segment.. On the other side of that router we have the corporate backbone and another couple of BSDI boxes that everyone (about 1000 WAN based clients) will bump up against with Eudora or something similar.. The two step process was a reccomendation from an Internet Security Consultant firm. a) Is this a real overkill, or do many folks use a two step process? b) The consultant said that there are know bugs in sendmail that people can use to send a message into the machine that can reconfigure the BSDI box and then the intruder can dial in, and take over the machine and have full access to the network. This sounds like a bit of a stretch.. But I've never done this before.. 2nd question: Does anyone have a name of a Consultant that can come in and set up an Internet E-Mail Gateway. This will be a multi-domain set-up.. John -- | Internet: john.woodstock@woodybbs.com BBS: (516) 736-6662