The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How To Disabled POP3 With Iptables?

Discussion in 'General Discussion' started by blakeblake, Aug 21, 2006.

  1. blakeblake

    blakeblake Member

    Joined:
    Apr 2, 2005
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Hi Guys,

    I am sure we all go through the same woe's everytime we see the name 'Security Metrics' invovled with our clients business. I am battling them over this lovely issue

    Since I have been unable to determine how one is supposed to switch this over, I was wondering if anyone could let me know the iptables syntax for blocking 995 (i realize what it will do) to connections all together.

    Yes I have disabled this in xinted.d/pop3s file but it still running because of stunnel from what i can gather.

    Much thanks as always.

    /blake
     
  2. liwiplus

    liwiplus Member

    Joined:
    Jul 22, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    Let me know how you disabled the service using the xinetd.d/pop3s............ there are lot of ways to disable the service.............. one of them is just to stop the service.....
     
  3. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    I'm confused ..running pop over 110 without SSL and forcing people to use it unsecured ..isn't that worse?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yes, it is worse. You shouldn't disable it if people are going to use it. If you are to follow that reports advice you should disable non-SSL (standard) POP3 and IMAP and FTP and non-SSL access to cPanel and WHM and webmail too. Oh, and SMTP AUTH. And htpasswords on non-SSL web sites. All of those send passwords in clear text and area problem a magnitude greater than running SSLv2 on port 995. Silly reports.
     
  5. blakeblake

    blakeblake Member

    Joined:
    Apr 2, 2005
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Yes I realize it would be dumb to disable the secure connection and leave the unsecure open, however in my defence; shutting it off all together was going to be a quick solution to shut security metrics up for the length of their test and then I was going to re enable it (chkconfig shows its being as off but it still responds).

    It is odd that they don't have a problem with people using non secure ports but they give me grief about the fact that pop3s responds with SSv2 vs SSLv3 or TLS and I haven't the foggiest of clues as how to accomplish changing such a thing.

    Here is the latest battle with them staying the same crap.

    If any of you awesome people have a suggestion on how I can get around this, it would be damn skippy if you could let me know.

    /blake
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    If you want to disable it, the simplest way would be to block it in iptables:

    iptables -I INPUT -p tcp --dport 995 -j DROP
     
Loading...

Share This Page