Date: Thu, 27 Jul 2000 18:09:17 +0200 (CEST) From: Domas Mituzas <midom@dammit.lt> To: npd@el.com.br Cc: freebsd-stable@freebsd.org Subject: Re: Auth service sequencial probe. Message-ID: <Pine.BSF.4.21.0007271806010.19129-100000@mx.nkm.lt> In-Reply-To: <39804D5D.B6634FB0@el.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, > ipfw: 900 Deny TCP 200.242.x.xxx:4744 x.x.x.x:113 in via ep1 > ipfw: 900 Deny TCP 200.242.x.xxx:4744 x.x.x.x:113 in via ep1 > [ that keeps for a while ...] > > Any ideas? > this can be new sort of portscanning, as auth service may be used for finding out ports, that are open, and also users, that opened the sockets. On another hand, denying auth service is really a bad habit, a lot of services, including IRC, TCP, SSH etc check identd for user information. If you deny, but not reject it, connection attempts will last for even 30 to 60 seconds (depending on ident timeouts). Therefore, you should refuse, but not deny auth requests, as they're part of normal network operation. Domas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007271806010.19129-100000>