Date: Fri, 29 Oct 1999 16:07:59 -0600 From: Nate Williams <nate@mt.sri.com> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: nate@mt.sri.com (Nate Williams), "Ronald F. Guilmette" <rfg@monkeys.com>, freebsd-bugs@FreeBSD.ORG Subject: Re: Some fixes for some non-features of the /etc/rc.firewall script Message-ID: <199910292207.QAA06921@mt.sri.com> In-Reply-To: <6725.941234248@critter.freebsd.dk> References: <199910292151.PAA06826@mt.sri.com> <6725.941234248@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
> >> The second patch below allows outsiders to connect to your AUTH port (113). > >> I found that allowing this will cut down a lot on the number of pointless > >> "Deny" log messages you will get if you don't have this, because a *lot* > >> of things out in the real world (most notably Sendmail) _will_ try to > >> connect to your local auth port whenever you connect out to them. > > > >Or you can simply ignore them completely w/out logging them, since AUTH > >is a useless protocol, and you really shouldn't have a real AUTH daemon > >running on your box in any case. > > On this topic also consider the "dummy" AUTH server in inetd... Someone (you?) posted one to the mailing list, and/or modified inetd to use a dummy one. I'd have to go look in the archives. However, I haven't had an auth server running on my box for over 3 years, and it hasn't appeared to have hurt anything. :) I can wait the extra 2-3 seconds for the auth server to timeout to get my email. :) Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910292207.QAA06921>