Security Incidents mailing list archives
RE: Port 113 requests?
From: Todd Suiter <todd () s4r com>
Date: Fri, 7 Dec 2001 10:11:13 -0800 (PST)
Speaking as a reformed Postmaster, when I was doing PM work for qualcomm, one of the network admins upgraded the firewalls, and 'nope, we didn't change anything, we just upgraded the code'. Well, they changed one rule. Instead of rejecting the ident queries, they dropped 'em. Mail pretty much stopped until they fessed up to what they changed. On Thu, 6 Dec 2001, Andrew Leonard wrote:
Quoting "Slighter, Tim" <tslighter () itc nrcs usda gov>:you really should try and specify that the rule "drops" instead of reject so that the potential intruder is not provided with any information about their attempted connection.In this case (SMTP AUTH), if you drop instead of reject, you will have to wait for the remote server to time out its auth connection before it lets you get on with SMTP. This can slow mail delivery down substantially. cheers: andy -- Andrew Leonard Geospiza, Inc. 3939 Leary Way NW Seattle, WA 98107 (206) 633-4403; (206) 633-4415 (fax) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Port 113 requests? Michael Ward (Dec 06)
- Re: Port 113 requests? Chris Wilkes (Dec 06)
- Re: Port 113 requests? Ryan Russell (Dec 06)
- Re: Port 113 requests? Helmut Springer (Dec 07)
- Re: Port 113 requests? Valdis . Kletnieks (Dec 07)
- Re: Port 113 requests? Ryan Russell (Dec 07)
- <Possible follow-ups>
- RE: Port 113 requests? Slighter, Tim (Dec 06)
- RE: Port 113 requests? Ryan McDonnell (Dec 07)
- RE: Port 113 requests? Andrew Leonard (Dec 07)
- RE: Port 113 requests? Todd Suiter (Dec 07)
- Re: Port 113 requests? Helmut Springer (Dec 07)
- Re: Port 113 requests? Crist J . Clark (Dec 07)
- Re: Port 113 requests? Greg A. Woods (Dec 07)
- Re: Port 113 requests? Paul Cardon (Dec 07)
- Re: Port 113 requests? Mike Meredith (Dec 07)
- RE: Port 113 requests? Tony Gale (Dec 07)
- Re: Port 113 requests? Florian Weimer (Dec 07)
- Re: Port 113 requests? Alexander Bochmann (Dec 07)
- Re: Port 113 requests? Patrick Patterson (Dec 07)
- Re: Port 113 requests? Paul Gear (Dec 07)
(Thread continues...)