On Fri, 16 Mar 2001, HUNGRY PIRANHA wrote:
> block 111 sunrpc & allow 113 auth
do you even know what 113/TCP is? do you know why you see so many damned
connections to it?
SMTP. sendmail, and a lot of other SMTP servers, like to do auth lookups
on your connecting host when you send mail.
blocking outright, without sending a packet back, will cause massively
slow email. sending a DENY (a TCP RST) will speed this up. but then you
run into problems where some sites will block you, but those are mainly
IRC networks.
simply saying "block those ports" without ANY justification is not a good
way to answer a question.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
- Firewall/DMZ and placement of database Ola Samuelson
- Re: Firewall/DMZ and placement of database Jose Nazario
- Re: Who can tell me a good website for a ports list Joakim von Braun
- RE: Who can tell me a good website for a ports list Steve Smith
- Re: Who can tell me a good website for a ports list Andres Aviles
- RE: Who can tell me a good website for a ports list bill-ndrsnet
- RE: Who can tell me a good website for a ports list Graham Zulauf
- RE: Who can tell me a good website for a ports list Shawn Savadkohi
- Re: Who can tell me a good website for a ports list dl
- RE: Who can tell me a good website for a ports list HUNGRY PIRANHA
- RE: Who can tell me a good website for a ports list Jose Nazario
- RE: Who can tell me a good website for a ports list John Steniger
- RE: Who can tell me a good website for a ports list Jose Nazario
- RE: Who can tell me a good website for a ports list HUNGRY PIRANHA
