Re: ports 113 and 88
It is pretty common to see auth as anything that wants to get an idea of the user running the process will try and use this, for example wb servers (NT especially) and I believe sendmail does it as well. The idea is that you can see the user who is running the process and authenticate from that - pretty broken idea given the 'interesting times' we live in but I guess that when they did the RFC it seemed more sensible. Shouldn't be anything to worry about and you can substantiially slow your connection by not allowing connections for it. There are specific auth implementations you can run on your machine if you want to just supply a canned response each time.
Kerberos is a type of authentication system mostly run by large sites with diverse needs. Personally I have never actually run into a site running it... I'm surprised you're seeing it. If you're getting it from one particular site you might want to check out why that is. I'm not aware of any cracks which are common that use the port....
On Sun, Sep 26, 1999 at 08:57:48AM +0200, Jean-Yves BARBIER wrote:
> Hi all,
> I wonder about the use of the kerberos, 88 and auth, 113 ports?
> I often see them in my logs, as they are blocked by the firewall.
> Thanks in advance,
> Jean-Yves F. Barbier <email@example.com>
> PURGE COMPLETE.
> Unsubscribe? mail -s unsubscribe firstname.lastname@example.org < /dev/null