I don't believe he said to block 113; just the opposite from what I can see.
John J. Steniger
Network and Security Manager
Familymeds, Inc.
> -----Original Message-----
> From: Jose Nazario [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 16, 2001 3:42 PM
> To: HUNGRY PIRANHA
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Subject: RE: Who can tell me a good website for a ports list
>
>
> On Fri, 16 Mar 2001, HUNGRY PIRANHA wrote:
>
> > block 111 sunrpc & allow 113 auth
>
> do you even know what 113/TCP is? do you know why you see so
> many damned
> connections to it?
>
> SMTP. sendmail, and a lot of other SMTP servers, like to do
> auth lookups
> on your connecting host when you send mail.
>
> blocking outright, without sending a packet back, will cause massively
> slow email. sending a DENY (a TCP RST) will speed this up.
> but then you
> run into problems where some sites will block you, but those
> are mainly
> IRC networks.
>
> simply saying "block those ports" without ANY justification
> is not a good
> way to answer a question.
>
> ____________________________
> jose nazario
[EMAIL PROTECTED]
> PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD
> 48 A0 07 80
> PGP key ID 0xFD37F4E5
> (pgp.mit.edu)
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
