[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SMTP and Unknown Established TCP packet



> That depends really. If you drop ident, inbound mail delivery takes a bit
> longer.
The problem is not that it takes a bit longer, but that delivery can fail
entirely. The problem is that the SMTP session is initiated, then the
ident request is made. By the time the ident request times out, the SMTP
request has also timed out.

This does not affect all mail servers or all configurations. But when it
does affect things, it can drive you crazy.

> If you reject, then the process mail delivery is sped up.
> BUT *something* will respond when a script-kiddie scans you boxes. It gives
> away a tiny piece of information in such a way that suggests "Firewall at IP
> a.b.c.d".
Knowledge of a firewall might be a good thing in that it might deter
someone from even trying to break in in the first place. It would not be
hard to figure out that there was a firewall blocking traffic if you got a
response from port 25 but no other port responded whatsoever, not even
with a RST.

-Don

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================