Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 19 Mar 2003 12:37:43 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 19 Mar 2003 12:37:42 -0500 Received: from chaos.analogic.com ([204.178.40.224]:29831 "EHLO chaos.analogic.com") by vger.kernel.org with ESMTP id ; Wed, 19 Mar 2003 12:37:40 -0500 Date: Wed, 19 Mar 2003 12:50:52 -0500 (EST) From: "Richard B. Johnson" X-X-Sender: root@chaos Reply-To: root@chaos.analogic.com To: John Jasen cc: "Richard B. Johnson" , linux-kernel@vger.kernel.org Subject: Re: Everything gone! In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1019 Lines: 32 On Wed, 19 Mar 2003, John Jasen wrote: > On Wed, 19 Mar 2003, Richard B. Johnson wrote: > > > Really? How did you do this? > > Clone my machine-name and domain, I mean? Without -bs in the > > header? I need to know. This could be exploited and needs > > to be fixed. > > Perhaps: > > telnet target.system 25 > enter SMTP commands > quit Ah yes! And I just tried it! The target system was the one that the mail was pretended to come from and it has sendmail running and will forward from within the domain. So, that sendmail gets a mail message as though it came directly from itself so it will forward it. Cheers, Dick Johnson Penguin : Linux version 2.4.20 on an i686 machine (797.90 BogoMips). Why is the government concerned about the lunatic fringe? Think about it. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/