[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Why we need ident(d)?

After reding DENY/REJECT response as below, I have more question.

Can anyone elaborate more on what happens if ident is REJECTED?

If there is no negative to set ident to REJECT, I want to do it.

Any pointer to information is fine. Whan I set my firewall, I had to run
and open ident(d) because of this. (I set almost all ports to DENY.)

On Wed, Jul 25, 2001 at 01:38:19PM -0400, Jason Healy wrote:
> The other problem is that if you DENY certain oft-used services, you
> can cause problems.  For example, if you DENY on the ident service
> port, machines trying to connect to you will timeout waiting for ident
> info.  Some mail servers try to connect back to the ident port on a
> client before accepting mail.  If your machine DENYs ident requests,
> it will have to wait for that timeout to occur before sending mail.
> 
> Moral of that story is to make sure that you either run an ident
> server, or set it to REJECT.

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ 
+  Osamu Aoki <debian@aokiconsulting.com>, GnuPG-key: 1024D/D5DE453D  +
+  My debian quick-reference, http://www.aokiconsulting.com/quick/    +
Reply to: