nanog mailing list archives

Re: Slow and Fast IP addresses on http ?

From: Paul Vixie <vixie () vix com>
Date: 17 Jun 2003 17:14:49 +0000


smb () research att com ("Steven M. Bellovin") writes:

It might also be port 113 -- some sites try to query your tcp port 113, 
and wait for a timeout if the port is firewalled.  A better solution 
than blocking it is to send an immediate RST.


people who depend on tcp/113 deserve everything stupid that happens to them.
dropping SYN packets or returning a fixed string are both better than sending
an immediate RST.  (false confidence being valued less than low confidence.)
i was rather shocked to discover tcp/113 clientness enabled by default in
postfix and sendmail.  but even widespread ignorance does not call for
widespread coddling such as returning immediate RST's.
-- 
Paul Vixie

Current thread:

Slow and Fast IP addresses on http ? drueegg (Jun 16)
- Re: Slow and Fast IP addresses on http ? Niels Bakker (Jun 16)
- Re: Slow and Fast IP addresses on http ? Daniel Karrenberg (Jun 16)
- <Possible follow-ups>
- Re: Slow and Fast IP addresses on http ? Steven M. Bellovin (Jun 17)
  - Re: Slow and Fast IP addresses on http ? Paul Vixie (Jun 17)
    - Re: Slow and Fast IP addresses on http ? Nathan J. Mehl (Jun 17)
    - Re: Slow and Fast IP addresses on http ? Richard A Steenbergen (Jun 17)
- Re: Slow and Fast IP addresses on http ? Steven M. Bellovin (Jun 17)
  - Re: Slow and Fast IP addresses on http ? Rob Thomas (Jun 17)
    - Rob is a moron! was, Re: Slow and Fast IP addresses on http ? Rob Thomas (Jun 17)