Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Port question

From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 24 Jun 2009 15:57:26 -0700
  Closing port 113 is a good trade-off between security and
performance.

  For historical reasons, generally when a client connects to
an email server via POP to download their email, the server
attempts to connect back to them on port 113.  I believe this 
service was intended for the case where the user is one of 
several sharing a multi-user machine, but I'm not certain about 
that.
  The thing is that >98% of modern client machines will ignore 
this connection attempt.  The email server will wait for anywhere
between 30 seconds and 5 minutes for an answer, and then will 
continue the download session and deliver the requested email.

  ShieldsUp is complaining because it got an RST ("reset") packet
back from that port; the firewall, instead of silently dropping 
the SYN packet for that port, has explicitly rejected the 
connection.  The bad side of this is that the firewall has, by
doing this, revealed its presence; the good side is that the
email server will stop waiting at that point and so the user's
email will download promptly instead of waiting for that connection
to time out first.

  This configuration is sufficiently common that I would not take
that "failed" score seriously.

David Gillett



-----Original Message-----
From: Ken Pryor [mailto:kdpryor () gmail com] 
Sent: Wednesday, June 24, 2009 8:39 AM
To: security-basics () securityfocus com
Subject: Port question

Hello all, I just joined the list and this is my first post 
to it.  I am a networking noob and am not sure if this is 
something I should worry about or not.  I just set up a 
Smoothwall Express firewall and later ran a Shields Up scan 
at grc. com  It showed all ports as stealth except one, port 
113, which it showed as closed.  Shields Up gave my system a 
"failed" score based on that one port showing as closed.  My 
question is, is this anything I need to worry about and, if 
so, how might I fix it?
Thanks to all who offer their knowledge and help to those of 
us just getting started.
Ken Pryor

--------------------------------------------------------------
----------
Securing Apache Web Server with thawte Digital Certificate In 
this guide we examine the importance of Apache-SSL and who 
needs an SSL certificate.  We look at how SSL works, how it 
benefits your company and how your customers can tell if a 
site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache 
web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management 
of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
e13b6be442f727d1
--------------------------------------------------------------
----------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: