Re: port 113


Subject: Re: port 113
From: Greg Madden (pabi@gci.net)
Date: Fri Jan 30 2004 - 11:04:07 AKST


On Fri, 2004-01-30 at 10:31, W.D.McKinney wrote:
> On Fri, 2004-01-30 at 10:05, Greg Madden wrote:
> > I got a new firewall, replaced my Icop box with a Netgear Fvs318. What
> > this did was break my Debian mirror updates that were runing on a cron
> > job. the update starts, runs for about an hour then looses the
> > connection to the remote mirror.
> >
> > Doing some investigating I find that the Netgear box stealths all ports
> > by default. In contrast the Ipcop box stealths 1-112, leaves port 113
> > (Ident) as closed, stealths 114-1024 , leaves all the higher ports in a
> > closed state. Not having any admin knowledge I am wondering if
> > stealthing port 113 is not a good poicy, at least for the mirror I am
> > trying to connect to.
>
> I would take this on a case by case basis. If your mirror process fails
> then the authentication process is hanging and you need to try something
> different. You might want to read up on this :-D
>
> See http://www.grc.com/port_113.htm
>
> Have fun!
>
> Dee

Thanks for the reply, I have been to the grc.com site , used it to scan
my firewall. I read the comments on port 113, didn't read the RFC though
:) I can add port 113 to my firewall rules and see what happens. I was
also curious about all the ports above 1024, on my Ipcop box, that show
a box exists and whether one of those ports might be keping a connection
alive.

-- 
Greg Madden
Precision Air Balance, Inc.
Phone: 907-276-0461

--------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.



This archive was generated by hypermail 2a23 : Fri Jan 30 2004 - 11:04:24 AKST