From owner-freebsd-security Mon Feb 4 11:29:52 2002 Delivered-To: freebsd-security@freebsd.org Received: from pi.yip.org (pi.yip.org [199.45.111.121]) by hub.freebsd.org (Postfix) with ESMTP id 2E0D737B41E for ; Mon, 4 Feb 2002 11:29:35 -0800 (PST) Received: (from melange@localhost) by pi.yip.org (8.11.3/8.11.3) id g14JTWM03512; Mon, 4 Feb 2002 14:29:32 -0500 (EST) (envelope-from melange@yip.org) Date: Mon, 4 Feb 2002 14:29:32 -0500 From: Bob K To: Martin McCormick Cc: freebsd-security@FreeBSD.ORG Subject: Re: Port 113 Traffic Message-ID: <20020204142931.K454@yip.org> References: <200202041914.g14JEiM74583@dc.cis.okstate.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200202041914.g14JEiM74583@dc.cis.okstate.edu>; from martin@dc.cis.okstate.edu on Mon, Feb 04, 2002 at 01:14:44PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Feb 04, 2002 at 01:14:44PM -0600, Martin McCormick wrote: > > I may block it experimentally and see if anything does > break since I have ipfw running and it is a simple matter to add > a new rule or remove it later. Sendmail is the only service I am > running that I might break by closing that port so I will close > it and see if sendmail still runs. Handy tip: When you block it, I would suggest having your firewall rule reset the TCP connection instead of simply dropping it - otherwise all programs that are attempting to ident things will have to wait for the ident request to time out. Use the 'reset' action as opposed to the 'deny' action for ipfw... -- Bob | There's more to life than e-mail, supposedly. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message