Tks for that, Stefan. I was aware of the nature of the change. I was thinking more in terms of the reason for the change. Rgds Andy On Friday 10 January 2003 10:50, Peer Stefan wrote:
Hi,
From: Andy Bennett [mailto:andy@mcrentals.demon.co.uk] Hi,
Have recently changed from using SuSE V7.1 with SuSEfirewall V1 to SuSE V8.1 with SuSEfirewall V2.
Now, when I check my ports at http://www.grc.com, I find my identd port 113 is marked as closed whereas before it was marked as stealth(sic) , i.e. it doesn't respond at all to probes.
I'm just wondering what the thinking is behind this change. Is it simply a preferred option and easier to do with iptables than ipchains.
If packets on port 113 are just DROPped instead of REJECTed, some clients will wait the whole identd-timeout (e.g. ssh) before connections can be established.
Regards Andy
Regards, Stefan