Date:      Thu, 05 Nov 1998 09:47:37 +0100
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        Don Lewis <Don.Lewis@tsc.tdk.com>
Cc:        Nate Williams <nate@mt.sri.com>, cvs-committers@FreeBSD.ORG
Subject:   Re: cvs commit: src/usr.sbin/inetd inetd.c 
Message-ID:  <11427.910255657@critter.freebsd.dk>
In-Reply-To: Your message of "Thu, 05 Nov 1998 00:33:58 PST." <199811050833.AAA13190@salsa.gv.tsc.tdk.com> 

In message <199811050833.AAA13190@salsa.gv.tsc.tdk.com>, Don Lewis writes:
>On Nov 5,  9:13am, Poul-Henning Kamp wrote:
>} Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c
>} 
>} >> Well, it is (barely) measurably faster on the two busy mailservers I run.
>} >
>} >That makes no sense given Don's analysis.  Getting a reset is *MUCH*
>} >faster than making a full-fledged TCP connection, sending and receiving
>} >(bogus) data, and then shutting down the connection.
>} 
>} I think Don assumes that all mail servers run BSD + sendmail.  That
>} doesn't seem to be the case on the Internet I work on.
>
>No, I just assume non-broken TCP stacks.  I suppose this might be
>a bad assumption.

It is.

>I'm curious as to what has a broken TCP stack *and* does ident queries
>on incoming SMTP connections.

I haven't tried to figure out.

>} >> The other advantage is that it makes:
>} >> 	sysctl -w net.inet.tcp.log_in_vain=1
>} >> less noisy on same machines.
>} >
>} >????
>} 
>} Have you tried it on a mail server which doesn't answer port 113 ?
>} You get a (possibly 3) messages every time somebody tried to connect
>} to port 113.
>
>I'd expect this to be pretty noisy.  The 3 in a row dudes are the
>broken ones.

Or behind a firewall which denies all ICMP ?

>} With this dummy server in place, you don't get the 
>} noise, so you can see actual portscans and stuff like that.
>
>Along with all the connection attempts to port 13x from the Windoze
>machines trying to find each other.  Reminds me of "The Forbin Project".

I'll probably be doing a dummy server for NETBIOS next.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal
