From owner-cvs-all  Thu Nov  5 00:40:37 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA05912
          for cvs-all-outgoing; Thu, 5 Nov 1998 00:40:37 -0800 (PST)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA05901
          for <cvs-committers@FreeBSD.ORG>; Thu, 5 Nov 1998 00:40:34 -0800 (PST)
          (envelope-from gdonl@tsc.tdk.com)
Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191])
	by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id AAA00542;
	Thu, 5 Nov 1998 00:34:02 -0800 (PST)
	(envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
	by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id AAA07743;
	Thu, 5 Nov 1998 00:34:00 -0800 (PST)
Received: (from gdonl@localhost)
	by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id AAA13190;
	Thu, 5 Nov 1998 00:33:58 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199811050833.AAA13190@salsa.gv.tsc.tdk.com>
Date: Thu, 5 Nov 1998 00:33:58 -0800
In-Reply-To: Poul-Henning Kamp <phk@critter.freebsd.dk>
       "Re: cvs commit: src/usr.sbin/inetd inetd.c" (Nov  5,  9:13am)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Poul-Henning Kamp <phk@critter.freebsd.dk>,
        Nate Williams <nate@mt.sri.com>
Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c
Cc: Don Lewis <Don.Lewis@tsc.tdk.com>, cvs-committers@FreeBSD.ORG
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

On Nov 5,  9:13am, Poul-Henning Kamp wrote:
} Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c
} 
} >> Well, it is (barely) measurably faster on the two busy mailservers I run.
} >
} >That makes no sense given Don't analysis.  Getting a reset is *MUCH*
} >faster than making a full-fledged TCP connection, sending and receiving
} >(bogus) data, and then shutting down the connection.
} 
} I think Don assumes that all mail servers run BSD + sendmail.  That
} doesn't seem to be the case on the Internet I work on.

No, I just assume a non-broken TCP stacks.  I suppose this might be
a bad assumption.

I'm curious as to what has a broken TCP stack *and* does ident queries
on incoming SMTP connections.

} >> The other advantage is that it makes:
} >> 	sysctl -w net.inet.tcp.log_in_vain=1
} >> less noisy on same machines.
} >
} >????
} 
} Have you tried it on an mail server which doesn't answer port 113 ?
} You get a (possibly 3) messages every time somebody tried to connect
} to port 113.

I'd expect this to be pretty noisy.  The 3 in a row dudes are the
broken ones.

} With this dummy server in place, you don't get the 
} noise, so you can see actual portscans and stuff like that.

Along with all the connection attempts to port 13x from the Windoze
machines trying to find each other.  Reminds me of "The Forbin Project".

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message