Re: port 113

To: Michael Steiner <steiner@msteiner.co.at>
Cc: debian-user@lists.debian.org
Subject: Re: port 113
From: Christian Pernegger <pernegger@chello.at>
Date: Wed, 11 Oct 2000 01:07:32 +0200
Message-id: <20001011010732.A19177@southpark.chp>
In-reply-to: <39E39D76.C8BC02E@msteiner.co.at>; from steiner@msteiner.co.at on Wed, Oct 11, 2000 at 12:51:34AM +0200
References: <39E39D76.C8BC02E@msteiner.co.at>

On Wed, Oct 11, 2000 at 12:51:34AM +0200, Michael Steiner wrote:
> Hi to All!
> 
> I block all traffic not realy needed by ipchains.
> When fetching email from my isp I logged attempts by the isp-mailserver
> with tcp to port 113.
> 
> Can you tell me where to find information about port 113 usage?
> (/etc/services I checked, but doesnt give me background information)
> Should or shouldn't I block port 113 ?

113 is the port of the auth[entication] (or ident[ity]) service which
will give out user information to anyone who asks.

Some mail servers try a lookup, but they certainly don't require it to
succeed. Same for some IRQ servers.

Your options:

1) uninstall 'pidentd' (recommended)
2) block it, but then what's the point of having it installed?
3) restrict it to a few trusted sites using /etc/hosts.allow
4) replace it with something that gives out bogus information

Gruesse in den 14.

Christian

Reply to:

Follow-Ups:
- Re: port 113
  - From: Pollywog <pollywog@shadypond.com>

References:
- port 113
  - From: Michael Steiner <steiner@msteiner.co.at>

Prev by Date: Re: port 113
Next by Date: Re: alien and rpm
Previous by thread: Re: port 113
Next by thread: Re: port 113
Index(es):
- Date
- Thread