[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CLosing Ports

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: CLosing Ports
From: Ben Cottrell <benco_(_at_)_stockmaster_(_dot_)_com>
Date: Sun, 19 Nov 2000 14:00:48 -0500

On Sun, 19 Nov 2000 13:02:31 +0100 (MET), Hakan Olsson wrote:
> If it's a server (for example a mailserver) you're running it's good to
> also have IPF return TCP/Resets for IDENT queries, otherwise some other
> [ ... ]
> 
> On Sat, 18 Nov 2000, eric jackson wrote:
> [ ... ]
> 
> > 113 - turn it off in inetd.conf.. comment out identd

If you comment out ident in inetd.conf, inetd is not going to listen()
on that port anymore, and the kernel will start sending RSTs in response
to incoming connections on its own, with no help from ipf.

(try it; "telnet localhost ident" will say "connection refused"
immediately, with no long timeouts)

	~Ben

Prev by Date: Re: Death of Free Software in Europe?
Next by Date: IO speed wrt data position on disk (was Re: Partition)
Previous by thread: Re: CLosing Ports
Next by thread: ipf states overload ?
Index(es):
- Date
- Thread

Visit your host, monkey.org