[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Ident port 113.



Although we believe that IDENT can cause more harm than good,
it seems to be used between SMTP servers to verify the destination
of e-mail.
 
Your choice...
 
 
David C. Diemer, CCSA
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
200 Piedmont Ave. SE
Suite 1420, West Tower
Atlanta, GA  30334
[email protected]
(V)
(F)

>>> "Adams, Gavin" <[email protected]> 01/30/01 09:02AM >>>

In my experience, REJECT is the way to go for ident. Use drop for the
rest you listed

-----Original Message-----
From:     [email protected]
[mailto:[email protected]]
Sent:    Tuesday, January 30, 2001 09:58
To:    [email protected]
Subject:    RE: [FW1] Ident port 113.



Hi,

     After reading the responses in this list I could notice that I've
already installed one rule that drop everything on source to everything
on
destination using:
     - (UDP) - bootp
     - (TCP) - ident
     - (UDP) - icq
     - (TCP) - BackOriffice
     - (UDP) - ichat_UDP
     - (TCP) - ichat_TCP

     Should I use "reject" instead of "drop" ???


Regards,

Omar Pinheiro
Departamento de Sistemas
Telebahia Celular
Tel: (71) - 9980-2536
Fax (71) - 387-7502




                    Patrick Baird

                    <[email protected]>              Para:
"'Jesus Calvo Hernandez'" <[email protected]>,                 
                    Enviado Por:
[email protected],

                    [email protected]
[email protected]

                    kpoint.com                                  cc:

                                                                Assunto:
RE: [FW1] Ident port 113.                                   


                    18/01/2001 10:15









You can place a rule to reject ident, this will speed up most mail
servers
as they wait x time to get a response, then send anyway.  Set it to
reject,
not deny

We've had it this way for months and all mail still flows through.

PDB


-----Original Message-----
From: Jesus Calvo Hernandez [mailto:[email protected]]
Sent: Thursday, January 18, 2001 6:39 AM
To: [email protected];
[email protected]
Subject: Re: [FW1] Ident port 113.



Hi

Smtp servers try to check the identity of the server which is trying to
send
mail to them previously to accept mail from it. It is normal and of you
forbid it  it might be possible, depending on the configuration of your
mail
server, that you cannot receive any mail from any other mail server on
the
world.

regards


----- Original Message -----
From: <[email protected]>
To: <[email protected]>
Sent: Thursday, January 18, 2001 12:57 PM
Subject: [FW1] Ident port 113.


>
> What means this service: "Ident" that runs at port 113 ?? I setup FW-1
to
> drop this kind of service and I've been looking to the log and
observed
> that my SMTP Server tried to do connections using this service
frequently.
>
> Regards,
>
>
> Omar Pinheiro
> Departamento de Sistemas
> Telebahia Celular
>
>
>
>
>
========================================================================
====

====
>      To unsubscribe from this mailing list, please see the
instructions
at
>                http://www.checkpoint.com/services/mailing.html
>
========================================================================
====

====

------------------------------------------------------------------
This email is confidential and intended solely for the use of the
individual
to whom it is addressed. Any views or opinions presented are solely
those
of
the author and do not necessarily represent those of Sema Group.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding,
printing,
or copying of this email is strictly prohibited.
------------------------------------------------------------------



========================================================================
====

====
     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
====

====


========================================================================
========

     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
========







========================================================================
========
     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
========




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================