Why we need ident(d)?
After reding DENY/REJECT response as below, I have more question.
Can anyone elaborate more on what happens if ident is REJECTED?
If there is no negative to set ident to REJECT, I want to do it.
Any pointer to information is fine. Whan I set my firewall, I had to run
and open ident(d) because of this. (I set almost all ports to DENY.)
On Wed, Jul 25, 2001 at 01:38:19PM -0400, Jason Healy wrote:
> The other problem is that if you DENY certain oft-used services, you
> can cause problems. For example, if you DENY on the ident service
> port, machines trying to connect to you will timeout waiting for ident
> info. Some mail servers try to connect back to the ident port on a
> client before accepting mail. If your machine DENYs ident requests,
> it will have to wait for that timeout to occur before sending mail.
>
> Moral of that story is to make sure that you either run an ident
> server, or set it to REJECT.
--
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~
+ Osamu Aoki <debian@aokiconsulting.com>, GnuPG-key: 1024D/D5DE453D +
+ My debian quick-reference, http://www.aokiconsulting.com/quick/ +
Reply to: