Everhart, Glenn From: Neil Moore-Smith [nms@crescendo.ltd.uk] Sent: Tuesday, August 11, 1998 6:41 PM To: 'rick petersen'; 'ntsecurity@iss.net' Subject: RE: [NTSEC] Telnet to ports TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo@iss.net Contact ntsecurity-owner@iss.net for help with any problems! --------------------------------------------------------------------------- Rick A port is like a telephone extension. The IP address is the number of the company you need to contact, the "extension" gets you through to the person you want to speak to, or in this case, the service, such as SMTP, DNS, Telnet, POP3, etc. All of these, and many other standard services, uses "well-known" ports. For example, port 25 is used for SMTP and everyone has to know that, so that they can exchange email. The standard Telnet port is 23. But if you load the Windows 95 or NT Telnet.exe, and choose "Remote host" from the "Connect" menu, you will see that you can specify the port. Try connecting to your web server on port 80. You get nothing back, but when you type "GET", it returns an error code. Some devious person who knows HTTP better than I do could type in a proper HTTP command and get all sorts of useful low-level information with which to steer an attack. We had a recent case where someone was telnet-ing on to our SMTP server and relaying invitations to examine a porn web site. The resulting emails apparently originated from our company, thus masking the offender's identity, but embarrassing us! Neil On Tuesday, August 11, 1998 7:57 AM, rick petersen [SMTP:rpetersen@RFWKLAW.com] wrote: > > TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo@iss.net > Contact ntsecurity-owner@iss.net for help with any problems! > --------------------------------------------------------------------------- > > This is probably more on how to instead of security. The list keeps > talking about blocking tcp and udp ports. I understand the concept of > blocking ports and why but for the life of me I cannot figure out how to > telnet into a specific port. Before I go blocking ports I would like to > test the ease of access first. > Thanks in advance for your support. > Rick Petersen.