Security Incidents mailing list archives
RE: Port 113 requests?
From: Steve Stearns <sterno () bigbrother net>
Date: 07 Dec 2001 16:02:37 -0600
On Fri, 2001-12-07 at 15:30, Jose Nazario wrote:
The only bad thing about 'rejecting' i can think of, is TCP/IP stack fingerprinting of the returned RST packet.as already said, "so what?" you're already connecting to them (to send the mail), they know you exist and, due to the joys of passive OS fingerprinting, they know what OS you're running typically. nothing gained.
Well in a server you are sending mail to, that is true. If somebody was just conducting a scan of your box though, that does become information that they otherwise wouldn't have. Still debatable though whether that added bit of security is worth the delays in trying to send mail to ident enable servers. ---Steve ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Port 113 requests?, (continued)
- Re: Port 113 requests? Mike Meredith (Dec 07)
- RE: Port 113 requests? Tony Gale (Dec 07)
- Re: Port 113 requests? Florian Weimer (Dec 07)
- Re: Port 113 requests? Alexander Bochmann (Dec 07)
- Re: Port 113 requests? Patrick Patterson (Dec 07)
- Re: Port 113 requests? Paul Gear (Dec 07)
- Thread "Port 113 requests?" Mario van Velzen (Dec 07)
- Re: Port 113 requests? Valdis . Kletnieks (Dec 09)
- RE: Port 113 requests? Chris Keladis (Dec 07)
- RE: Port 113 requests? Jose Nazario (Dec 07)
- RE: Port 113 requests? Steve Stearns (Dec 07)
- RE: Port 113 requests? Jose Nazario (Dec 07)
- RE: Port 113 requests? Brian Cervenka (Dec 07)