[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CLosing Ports



On Sun, 19 Nov 2000 13:02:31 +0100 (MET), Hakan Olsson wrote:
> If it's a server (for example a mailserver) you're running it's good to
> also have IPF return TCP/Resets for IDENT queries, otherwise some other
> [ ... ]
> 
> On Sat, 18 Nov 2000, eric jackson wrote:
> [ ... ]
> 
> > 113 - turn it off in inetd.conf.. comment out identd

If you comment out ident in inetd.conf, inetd is not going to listen()
on that port anymore, and the kernel will start sending RSTs in response
to incoming connections on its own, with no help from ipf.

(try it; "telnet localhost ident" will say "connection refused"
immediately, with no long timeouts)

	~Ben




Visit your host, monkey.org