Date: Thu, 3 May 2001 14:44:41 -0400 From: Ben Eisenbraun <bene@klatsch.org> To: "Timothy S. Bowers" <security@nol.co.za> Cc: freebsd-security@freebsd.org Subject: Re: reverse or not Message-ID: <20010503144441.B52246@klatsch.org> In-Reply-To: <5.0.2.1.2.20010503145244.00a12e50@nol.co.za>; from security@nol.co.za on Thu, May 03, 2001 at 02:53:10PM %2B0200 References: <5.0.2.1.2.20010503145244.00a12e50@nol.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 03, 2001 at 02:53:10PM +0200, Timothy S. Bowers wrote: > When I do this: # telnet 127.0.0.1 25 > It takes around 30 seconds to connect to the local exim mail server. > Actualy.. it takes long from anywhere. It might be waiting for an ident to timeout. Most of the major MTA's do an ident/auth check (TCP:113) when you connect to them, and if your machine is just dropping those requests, then the MTA waits for the request to timeout before displaying the banner. I can't think of a good reason it would do this for localhost connections though. Is the machine running a firewall? Maybe net.inet.tcp.restrict_rst: 1 would do it? To verify if this is actually the problem, you could fire up tcpdump and listen to see if Exim is initiating an ident request. You could also set the sysctl value net.inet.tcp.log_in_vain to 1, and connection attempts to closed ports will be logged. Good luck! -ben To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010503144441.B52246>