Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] FW port 113 keeps open
  • From: "Joe & Sesil Morris (NTM)" <Joe_Morris@xxxxxxx>
  • Date: Fri, 13 Sep 2002 23:26:09 +0800
  • Message-id: <3D820391.8020607@xxxxxxx>
Pep wrote:

Now I wonder... do you mean it is mandatory to have
identd opened??

Unless you specifically enable 113, it is not open to outside connections, it treats it differently so that your system works. The difference is whether it DROPS the packets, or it answers by REJECTing the packet. If it DROPS, there is no answer at all, and any messages to ident will timeout, slowing you down. If it answers by REJECTing, the other server gives up INSTEAD of timing out. IIRC, you could change this by editing the firewall script, but I would suggest leaving it closed as per default, which is to REJECT, rather than to DROP.

--
Joe & Sesil Morris
New Tribes Mission
Email Address: Joe_Morris@xxxxxxx
Web Address: http://www.mydestiny.net/~joe_morris
Registered Linux user 231871
God said, I AM that I AM. I say, by the grace
God, I am what I am.





< Previous Next >
References