On Wed, Oct 11, 2000 at 12:51:34AM +0200, Michael Steiner wrote: > Hi to All! > > I block all traffic not realy needed by ipchains. > When fetching email from my isp I logged attempts by the isp-mailserver > with tcp to port 113. > > Can you tell me where to find information about port 113 usage? > (/etc/services I checked, but doesnt give me background information) > Should or shouldn't I block port 113 ? its ident, it tells user user owns the outgoing connection, your isp is asking what userid is connecting to thier server basically. this is very commonly used with irc and many (most?) irc servers DEMAND that you answer ident queries. its no good for authentication since the client controls it and and send whatever they want. however if you run a multiuser system it can be useful to YOU since if one of your users is causing problems somewhere and that somewhere made an ident query they can tell you who it was. assuming you know your identd is not lying (you should if you control your system and lusers don't have root) then you know who slap around. probably the only service you will ever get refused access to for not supplying an ident query however is irc. since win* and macos don't have identd they won't ever answer these queries (macos and win* irc clients typically start thier own identd before making an irc connection, then close it down once the connection is made) -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpb0vaN19y8W.pgp
Description: PGP signature