Security Incidents mailing list archives

Re: Port 113 requests?

From: Paul Gear <paulgear () bigfoot com>
Date: Fri, 07 Dec 2001 20:58:53 +1000

"Slighter, Tim" wrote:

you really should try and specify that the rule "drops" instead of reject so
that the potential intruder is not provided with any information about their
attempted connection.


Make sure to change the sendmail configuration to disable ident lookups before
trying this.  If you do it with a default sendmail configuration (at least on
Red Hat Linux), you will get a 30 second timeout whenever you try to send
anyone mail (and presumably when you receive mail, if you use drop on outgoing
connections - not that you would :-).

Paul
http://paulgear.webhop.net



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

RE: Port 113 requests?, (continued)
- - - RE: Port 113 requests? Todd Suiter (Dec 07)
    - Re: Port 113 requests? Helmut Springer (Dec 07)
  - Re: Port 113 requests? Crist J . Clark (Dec 07)
    - Re: Port 113 requests? Greg A. Woods (Dec 07)
  - Re: Port 113 requests? Paul Cardon (Dec 07)
  - Re: Port 113 requests? Mike Meredith (Dec 07)
  - RE: Port 113 requests? Tony Gale (Dec 07)
  - Re: Port 113 requests? Florian Weimer (Dec 07)
  - Re: Port 113 requests? Alexander Bochmann (Dec 07)
  - Re: Port 113 requests? Patrick Patterson (Dec 07)
  - Re: Port 113 requests? Paul Gear (Dec 07)
    - Thread "Port 113 requests?" Mario van Velzen (Dec 07)
  - Re: Port 113 requests? Valdis . Kletnieks (Dec 09)
- RE: Port 113 requests? Chris Keladis (Dec 07)
  - RE: Port 113 requests? Jose Nazario (Dec 07)
    - RE: Port 113 requests? Steve Stearns (Dec 07)
- RE: Port 113 requests? Brian Cervenka (Dec 07)