Date: Mon, 05 Jul 1999 04:30:28 PDT From: N.N.M <madrapour@hotmail.com> To: jcarlos@bahianet.com.br Cc: freebsd-security@freebsd.org Subject: Re: IDENTD Message-ID: <19990705113029.28794.qmail@hotmail.com>
next in thread | raw e-mail | index | archive | help
Thanks for information. 1) Could you tell me please if I can block this sort of connection (ident) without causing any problem or inconvenience for the services like mail or so? 2) Can it be consequnced: it is basically better to block the all conncetions we want, by using "reject" instead of "deny"? Based on what you said (and I read about), using "reject" decreases the further re-attemting conncetions, so it will decrease the unusable and unwanted traffic as well. Is it right? Nazila M. >From: "Joao Carlos" <jcarlos@bahianet.com.br> >To: "N.N.M" <madrapour@hotmail.com> >Subject: Re: IDENTD >Date: Mon, 5 Jul 1999 07:52:33 -0300 >MIME-Version: 1.0 >From jcarlos@bahianet.com.br Mon Jul 5 10:50:29 1999 >Received: from jcarlos (jcarlos.bahianet.com.br [200.223.88.250])by >postman.bahianet.com.br (8.9.3/8.9.3) with SMTP id HAA22873for ><madrapour@hotmail.com>; Mon, 5 Jul 1999 07:46:52 -0300 (EST) >Message-ID: <002901bec6d4$7d809de0$fa58dfc8@bahianet.com.br> >References: <19990705104525.71256.qmail@hotmail.com> >X-Priority: 3 >X-MSMail-Priority: Normal >X-Mailer: Microsoft Outlook Express 5.00.2314.1300 >X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 > > > I read somewhere that it's better to block "identd connections" by >"reset > > action in IPFW" instead of "deny" or something like that. Blocking the >port > > with using "deny action" makes the services like "sendmail" or "ircd" >very > > slow. > > >Sure it is, since with the deny action, the service that is trying to >access >your firewall does not get ny answer, the try again. 3 times in general. >And >if you use reject instead, the service gets the reject answer and stop >trying. > > > ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990705113029.28794.qmail>