From: Krzysztof Zaraska
To: "Bart Matthaei"
Cc: martin@dc.cis.okstate.edu, freebsd-security@freebsd.org
Date: Mon, 4 Feb 2002 20:38:15 +0100
Subject: Re: Port 113 Traffic
Message-Id: <20020204203815.09a893b9.kzaraska@student.uci.agh.edu.pl>
In-Reply-To: <20020204202532.P34448@heresy.dreamflow.nl>
References: <200202041914.g14JEiM74583@dc.cis.okstate.edu> <20020204202532.P34448@heresy.dreamflow.nl>
Organization: Univ. of Mining And Metallurgy

On Mon, 4 Feb 2002 20:25:32 +0100
"Bart Matthaei" wrote:

> You don't wanna block ident. It's trivial. If you block it, ident
> requests to your machine will time out, resulting in a slow
> initialization of connections like irc, to name one.

Not necessarily. Just make your firewall reply to port 113 traffic with
RST instead of silently dropping the packet. For the remote host it will
look like you weren't running an ident daemon.

--
// Krzysztof Zaraska * kzaraska (at) student.uci.agh.edu.pl
// Prelude IDS: http://www.prelude-ids.org/
// A dream will always triumph over reality, once it is given the chance.
//              -- Stanislaw Lem
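A way to check from the outside which behaviour a firewall rule actually produces, added here as an example and not part of the original message: the probe below makes one TCP connection and reports whether the port answered with RST (fails at once, as the reply describes) or was silently dropped (the caller waits out the full timeout). The function names `probe` and `closed_local_port`, the default timeout, and the loopback fixture are assumptions made for this example.

```python
import errno
import socket
import time

IDENT_PORT = 113  # auth/ident service discussed in the thread


def probe(host, port=IDENT_PORT, timeout=3.0):
    """Connect once and report how the port answers, as a remote server sees it.

    Returns (verdict, seconds):
      "open"    - SYN/ACK received, something is listening
      "refused" - RST received: fails immediately, like a host with no identd
      "dropped" - nothing came back before `timeout`: packet silently discarded
      "error:<errno name>" - any other failure (for example ICMP unreachable)
    """
    start = time.monotonic()
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        verdict = "open"
    except ConnectionRefusedError:
        verdict = "refused"
    except socket.timeout:
        verdict = "dropped"
    except OSError as exc:
        verdict = "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        sock.close()
    return verdict, time.monotonic() - start


def closed_local_port():
    """Constructed fixture: a loopback port with no listener (kernel replies RST)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    # Loopback demo; call probe() against your own firewalled host to check its rule.
    verdict, secs = probe("127.0.0.1", closed_local_port(), timeout=2.0)
    print(f"closed loopback port: {verdict} after {secs:.3f}s")
```

Run it from a machine outside the firewall: a "dropped" verdict on port 113 is the slow case the quoted message warns about, while "refused" is the fast failure the reply recommends.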