Although we believe that IDENT can cause more harm than
good,
it seems to be used between SMTP servers to verify the
destination
of e-mail.
Your choice...
David C. Diemer, CCSA
Enterprise Security Firewall Engineer Georgia Department of Administrative Services (DOAS) 200 Piedmont Ave. SE Suite 1420, West Tower Atlanta, GA 30334 [email protected] (V) (F) >>> "Adams, Gavin" <[email protected]> 01/30/01 09:02AM >>> In my experience, REJECT is the way to go for ident. Use drop for the rest you listed -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, January 30, 2001 09:58 To: [email protected] Subject: RE: [FW1] Ident port 113. Hi, After reading the responses in this list I could notice that I've already installed one rule that drop everything on source to everything on destination using: - (UDP) - bootp - (TCP) - ident - (UDP) - icq - (TCP) - BackOriffice - (UDP) - ichat_UDP - (TCP) - ichat_TCP Should I use "reject" instead of "drop" ??? Regards, Omar Pinheiro Departamento de Sistemas Telebahia Celular Tel: (71) - 9980-2536 Fax (71) - 387-7502 Patrick Baird <[email protected]> Para: "'Jesus Calvo Hernandez'" <[email protected]>, Enviado Por: [email protected], [email protected] [email protected] kpoint.com cc: Assunto: RE: [FW1] Ident port 113. 18/01/2001 10:15 You can place a rule to reject ident, this will speed up most mail servers as they wait x time to get a response, then send anyway. Set it to reject, not deny We've had it this way for months and all mail still flows through. PDB -----Original Message----- From: Jesus Calvo Hernandez [mailto:[email protected]] Sent: Thursday, January 18, 2001 6:39 AM To: [email protected]; [email protected] Subject: Re: [FW1] Ident port 113. Hi Smtp servers try to check the identity of the server which is trying to send mail to them previously to accept mail from it. It is normal and of you forbid it it might be possible, depending on the configuration of your server, that you cannot receive any mail from any other mail server on the world. regards ----- Original Message ----- From: <[email protected]> To: <[email protected]> Sent: Thursday, January 18, 2001 12:57 PM Subject: [FW1] Ident port 113. > > What means this service: "Ident" that runs at port 113 ?? I setup FW-1 to > drop this kind of service and I've been looking to the log and observed > that my SMTP Server tried to do connections using this service frequently. > > Regards, > > > Omar Pinheiro > Departamento de Sistemas > Telebahia Celular > > > > > ======================================================================== ==== ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ======================================================================== ==== ==== ------------------------------------------------------------------ This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of Sema Group. If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. ------------------------------------------------------------------ ======================================================================== ==== ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ==== ==== ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ |