On Thu, 11 Oct 2001, Stefan Jeglinski wrote:

>
> >  Or.. more
> >than likely, the ISP uses an MTA that does an auth (ident) check. This
> >means their mail server will try to connect to yours on port 113 to see
> >who is running the mail processes.
>
> This one is more interesting to me. These days, how common are MTAs
> that do this check? Is ident one of those services that
> security-conscious admins are always saying to turn off, or is that
> advice overkill?


You should turn off all services you do not need. This may be something
you need, however. It is the admin's call. ;-)

>
> >  This can be especially slow if you have
> >a firewall or something that simply drops packets destined for that port
> >(instead of instantly replying with a port closed message).
>
> I might can understand why dropping packets doesn't help the
> situation, but does the "instant reply with a port closed message"
> cause the checking MTA to be satisfied and proceed at speed?
>

Depending on how the MTA handles it, usually things will proceed with
speed if the port is closed. Or at least they should. Everyone simply
cannot be expected to run identd nowadays. Esp. since it is meaningless on
single user systems.

> >There are a number of ident daemons for the Mac. I actually just run the
> >old "Daemon" from Peter Lewis (of Anarchie/Interarchy fame).
>
> Sounds like a recommend. I expect the security implications for Mac
> are relatively low, as is typical?

They would be very low for the Mac, yes. Sure, someone could find a buffer
overflow and try to smash the stack and call their own custom PPC code.
But they are never going to get an interactive shell like they can on
PC/Unix. So even if there were a bug it would be tough to do a whole lot
with it. Also, hackers want to hack as many machines as possible. There
are many more PCs and unix boxen to target.

The source for Daemon is available to scrutinize (albeit in Pascal if I
recall).

--
Joe Laffey              |  Want to convert subnet masks between different
LAFFEY Computer Imaging |  notations, or figure the number of IPs in a block?
St. Louis, MO           |  Whatmask-It's FREE - www.laffeycomputer.com/wm.html
------------------------------------------------------------------------------
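
The dropped-versus-rejected behaviour on port 113 discussed in this thread can be measured from the querying side. The following is an added example, not part of the original message: a minimal RFC 1413 query that reports whether the ident port answered, refused, or timed out, and how long that took. The default port pair, the user name, and the loopback responder are constructed for illustration.

```python
import socket
import threading
import time

def parse_ident_reply(line):
    """Parse one RFC 1413 reply line into a dict."""
    fields = [f.strip() for f in line.strip().split(":", 3)]
    if len(fields) == 4 and fields[1].upper() == "USERID":
        return {"type": "USERID", "opsys": fields[2], "user": fields[3]}
    if len(fields) == 3 and fields[1].upper() == "ERROR":
        return {"type": "ERROR", "error": fields[2]}
    raise ValueError("malformed ident reply: %r" % line)

def probe_ident(host, port=113, timeout=5.0, pair=(40000, 25)):
    """Return (outcome, seconds, reply) for one ident query.

    pair is (port on the probed host, port on the querying host); the
    default is a constructed value standing in for an SMTP session.
    """
    start = time.monotonic()
    reply = None
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(("%d , %d\r\n" % pair).encode("ascii"))
            line = s.makefile("rb").readline(1024)
        outcome = "answered"
        if line:
            reply = parse_ident_reply(line.decode("ascii", "replace"))
    except ConnectionRefusedError:
        outcome = "refused"   # port closed, reset received: no waiting
    except (socket.timeout, TimeoutError):
        outcome = "timeout"   # packets dropped: the full timeout elapses
    return outcome, time.monotonic() - start, reply

def start_fake_identd(user="exampleuser"):
    """Constructed one-shot loopback responder; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            query = conn.makefile("rb").readline(1024).decode("ascii").strip()
            conn.sendall(("%s : USERID : UNIX : %s\r\n" % (query, user)).encode("ascii"))
    threading.Thread(target=serve, daemon=True).start()
    return port
```

A "timeout" outcome with elapsed time close to the timeout value is the slow case described above; "refused" returns almost immediately.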

