Re: Port 113 security
From: Nick Mashchenko (mnv@gu.kiev.ua)
Date: 03/06/03
- Previous message: Chris Santerre: "RE: Port 113 security"
- In reply to: Chris Santerre: "Port 113 security"
- Next in thread: Glynn Clements: "Re: Port 113 security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 7 Mar 2003 00:01:50 +0200 From: Nick Mashchenko <mnv@gu.kiev.ua> To: Chris Santerre <csanterre@MerchantsOverseas.com>
Hello Chris,
Thursday, March 6, 2003, 5:07:06 PM, you wrote:
CS> Currently I block port 113 (ident) on the firewall. I block everything and
CS> pick and choose what to let in. Never got around to letting this in :)
CS> Anyway, I have about 6-7 in.identd processes running all the time from
CS> failed ident attempts. Nothing big really. System is working great. Logs get
CS> filled a little much with DENY messages.
CS> So does evryone generally let these thru? Any exploits? is there a way to
CS> get rid of those in.identd processes if I leave it blocked?
Chris, this is OK. A lot of programs are trying to send a request to
an identd. They want to know, who are you. I don't remember which
programs exactly are doing this, but I definitely know about this :-).
So, do not be trouble! :-). You can also tune up your firewall to push
it REJECT such a request instead of DENY. 70% if you'll REJECT, the
correspondent's identd will not try again to send the same request
again and again to your box :-).
-- Best regards, Nick Mashchenko UOL VoIP engineer
- Previous message: Chris Santerre: "RE: Port 113 security"
- In reply to: Chris Santerre: "Port 113 security"
- Next in thread: Glynn Clements: "Re: Port 113 security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
