From owner-freebsd-questions  Tue Aug 11 06:15:10 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA27948
          for freebsd-questions-outgoing; Tue, 11 Aug 1998 06:15:10 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from leaf.lumiere.net (leaf.lumiere.net [207.218.152.15])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA27942
          for <freebsd-questions@freebsd.org>; Tue, 11 Aug 1998 06:15:09 -0700 (PDT)
          (envelope-from j@leaf.lumiere.net)
Received: (from j@localhost)
	by leaf.lumiere.net (8.9.1/8.9.1) id GAA08698;
	Tue, 11 Aug 1998 06:14:47 -0700 (PDT)
Date: Tue, 11 Aug 1998 06:14:47 -0700 (PDT)
From: Jesse <j@lumiere.net>
To: freebsd-questions@FreeBSD.ORG
Subject: Re: Should i enable ident server?
In-Reply-To: <19980715100940.C15447@cityip.co.za>
Message-ID: <Pine.BSF.4.02.9808110613500.5351-100000@leaf.lumiere.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


> > should i enable the ident server? Security / performance related
> > risks?????
> 
> It's up to you whether you want to run it.  There _should_ not be any risks.
> 
> Even if you don't run it, though, I would suggest allowing remote hosts to
> connect to your TCP port 113 - even if nothing is listening to it.  That
> would speed up transactions with remote hosts which try to query your identd.
> (Note:  This assumes that you're running some form of packet filtering, like
> ipfw.)

You can use ipfw to speed up the transactions too. Just have it reset
connections to the ident port.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message