Hello Chris,

Thursday, March 6, 2003, 5:07:06 PM, you wrote:
CS> Currently I block port 113 (ident) on the firewall. I block everything and
CS> pick and choose what to let in. Never got around to letting this in :)
CS> Anyway, I have about 6-7 in.identd processes running all the time from
CS> failed ident attempts. Nothing big really. System is working great. Logs get
CS> filled a little much with DENY messages.
CS> So does everyone generally let these thru? Any exploits? Is there a way to
CS> get rid of those in.identd processes if I leave it blocked?

Chris, this is OK. A lot of programs are trying to send a request to an identd. They want to know who you are. I don't remember which programs exactly are doing this, but I definitely know about this :-). So, do not be troubled! :-).

You can also tune up your firewall to make it REJECT such a request instead of DENY. It's 70% likely that, if you REJECT, the correspondent's identd will not try to send the same request again and again to your box :-).

--
Best regards,
Nick Mashchenko
UOL VoIP engineer