[Dshield] Randex.E from Symantec
sjohnston at cavion.com
Wed Aug 13 20:50:37 GMT 2003
We solve the timeout problem by having our FW reject 113 requests.
On Wed, 2003-08-13 at 14:34, Joe Stewart wrote:
> On Wednesday 13 August 2003 04:20 pm, Jon R. Kibler wrote:
> > Port 113 -- AUTH -- can't block that one easily. If you do so, most mail
> > connections will hang for about 90 to 180 seconds before timing out their
> > IDENT request and then proceeding.
> > Not good.
> > I wonder if this poses any risk to corruption of IDENTD or PIDENTD servers?
> There's no need to block this port. What Symantec is saying is that it listens
> on port 113 for ident requests. This is pretty common in IRC bots.
Shannon Johnston <sjohnston at cavion.com>
More information about the list