Koozali.org: home of the SME Server

Opened ports

Palani

Opened ports
« on: January 10, 2003, 11:59:50 AM »
I went to http://scan.sygate.com/prequickscan.html to have a scan done on my SME Server. The results are below:

SMTP 25 OPEN SMTP is used to send email across the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive.
IDENT 113 OPEN Ident is often used for IRC (chat), but also provides information about your system and who is using it
HTTPS 443 OPEN Secure Web Servers are often used by banks and online vendors
ICMP  8  OPEN An ICMP ping request is usually used to test Internet access. However, an attacker can use it to determine if your computer is available and what OS you are running. This gives him valuable information when he is determining what type of attack to use against you.

All other ports were Stealthed/Blocked.

Should I be worried about any of this? I know SME is a secure server and all but was just wondering.

Note: I also went to grc.com and had similar results.

Thanks
Palani

Bill Talcott

Re: Opened ports
« Reply #1 on: January 10, 2003, 04:49:59 PM »
If you want to receive mail, you need port 25 open. While there is a command to verify users, I remember reading somewhere that most servers will respond with the same answer whether or not it's a valid user, so that might not even be an issue.

> SMTP 25 OPEN SMTP is used to send email across the internet.
> This allows an attacker to verify user accounts on your
> system, send anonymous (spam) email, or even access files on
> your hard drive.

Note that with SME, external access to SMTP is disabled unless you get Damien Curtain's addon and the user logs in with a valid username and password. It can't be used for spamming in the default configuration.

Ident is used to verify info for some connections. There have been a bunch of threads on it. If you stealth the port, some connections will be delayed until the attempt times out, or it will just fail completely. If I remember correctly, it doesn't give any really valuable info anyway.

If you want secure connections, you need HTTPS. That's what's used for Server Manager by the way.

Yes, they can probably figure out what OS you have by the ping response. Again, probably not really giving away anything too amazing...
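
Added example, not part of the thread or written by either poster: one way to check the point raised above about the SMTP verify command is to compare your own server's VRFY replies for a mailbox you know exists and one you know does not. The addresses and reply strings below are constructed samples, and the function names are hypothetical.

```python
import re

# One SMTP reply line (RFC 5321): 3-digit code, then "-" (more lines) or " " (last).
REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

def parse_reply(raw):
    """Collapse one possibly multi-line SMTP reply into (code, text)."""
    code, parts = None, []
    for line in raw.splitlines():
        m = REPLY_LINE.match(line)
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        if code is not None and int(m.group(1)) != code:
            raise ValueError("reply code changed inside one reply")
        code = int(m.group(1))
        parts.append(m.group(3) or "")
        if m.group(2) != "-":      # a space or a bare code ends the reply
            break
    if code is None:
        raise ValueError("empty reply")
    return code, " ".join(p for p in parts if p)

def vrfy_discloses(valid_addr, valid_reply, invalid_addr, invalid_reply):
    """Return (leaks, reason) for VRFY replies to a real and a bogus mailbox."""
    v_code, v_text = parse_reply(valid_reply)
    i_code, i_text = parse_reply(invalid_reply)
    if v_code != i_code:
        return True, f"reply codes differ: {v_code} vs {i_code}"
    # Same code: the text must also match once the probed address is masked.
    v_norm = v_text.replace(valid_addr, "<addr>").lower()
    i_norm = i_text.replace(invalid_addr, "<addr>").lower()
    if v_norm != i_norm:
        return True, f"same code {v_code} but reply text differs"
    return False, f"identical {v_code} reply for both mailboxes"

# Constructed sample replies (not captured from any real server).
UNIFORM = ("alice@example.test", "252 send some mail, i'll try my best",
           "nobody@example.test", "252 send some mail, i'll try my best")
LEAKY = ("alice@example.test", "250-Alice Example\r\n250 <alice@example.test>",
         "nobody@example.test", "550 5.1.1 <nobody@example.test>: user unknown")

if __name__ == "__main__":
    for name, sample in (("uniform", UNIFORM), ("leaky", LEAKY)):
        print(name, vrfy_discloses(*sample))
```

A server that returns the same reply for both mailboxes gives a scanner nothing to distinguish valid accounts from invalid ones, which is the case the reply above describes.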