Re: SMTP, 2600, and the security of mail

Stu Grossman (GROSSMAN@Sierra.Stanford.EDU)
Wed 1 Oct 86 16:55:50-PDT

> You could (marginally) ...

That's why I said "marginally". Yes, LPD has this problem, but it's not
so simple. LPD can be told to accept print requests only from certain hosts.
So now you have to:
        1) successfully imitate another host, and
        2) declare yourself as the appropriate port type
So that you can send bogus print requests to an lpd.

Yes, the 'privileged' port number stuff in LPD is quite naive. However,
as long as point 1 (above) is quite difficult to do, LPD can be pretty
safe from bogus print requests.

This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:36:58 GMT