From owner-cvs-all  Thu Nov  5 00:49:36 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA06921
          for cvs-all-outgoing; Thu, 5 Nov 1998 00:49:36 -0800 (PST)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA06905
          for <cvs-committers@FreeBSD.ORG>; Thu, 5 Nov 1998 00:49:33 -0800 (PST)
          (envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.1/8.8.5) with ESMTP id JAA11429;
	Thu, 5 Nov 1998 09:47:37 +0100 (CET)
To: Don Lewis <Don.Lewis@tsc.tdk.com>
cc: Nate Williams <nate@mt.sri.com>, cvs-committers@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c 
In-reply-to: Your message of "Thu, 05 Nov 1998 00:33:58 PST."
             <199811050833.AAA13190@salsa.gv.tsc.tdk.com> 
Date: Thu, 05 Nov 1998 09:47:37 +0100
Message-ID: <11427.910255657@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

In message <199811050833.AAA13190@salsa.gv.tsc.tdk.com>, Don Lewis writes:
>On Nov 5,  9:13am, Poul-Henning Kamp wrote:
>} Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c
>} 
>} >> Well, it is (barely) measurably faster on the two busy mailservers I run.
>} >
>} >That makes no sense given Don't analysis.  Getting a reset is *MUCH*
>} >faster than making a full-fledged TCP connection, sending and receiving
>} >(bogus) data, and then shutting down the connection.
>} 
>} I think Don assumes that all mail servers run BSD + sendmail.  That
>} doesn't seem to be the case on the Internet I work on.
>
>No, I just assume a non-broken TCP stacks.  I suppose this might be
>a bad assumption.

It is.

>I'm curious as to what has a broken TCP stack *and* does ident queries
>on incoming SMTP connections.

I havn't tried to figure out.

>} >> The other advantage is that it makes:
>} >> 	sysctl -w net.inet.tcp.log_in_vain=1
>} >> less noisy on same machines.
>} >
>} >????
>} 
>} Have you tried it on an mail server which doesn't answer port 113 ?
>} You get a (possibly 3) messages every time somebody tried to connect
>} to port 113.
>
>I'd expect this to be pretty noisy.  The 3 in a row dudes are the
>broken ones.

Or behind a firewall which denies all ICMP ?

>} With this dummy server in place, you don't get the 
>} noise, so you can see actual portscans and stuff like that.
>
>Along with all the connection attempts to port 13x from the Windoze
>machines trying to find each other.  Reminds me of "The Forbin Project".

I'll probably be doing a dummy server for NETBIOS next.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message