[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How do I change my firewall ports to stealth mode?



Kevin writes:
Many IRC servers will drop sessions if they cannot talk to an ident
service on the originating end.  If you don't want your users to be on
IRC;  this could be considered as a benefit of blocking TCP/113 ;)

Doubtful with IRC servers today. Although I'm not privy to the details
of IRC per se, I have set up a number of firewalls in my day and have
perused a lot of sockets code, and frankly, I would be surprised if
anyone one this forum found they needed ident working for anything,
including irc. I seriously doubt this is true any more.


While the identd service is not *mandatory* on servers which send
outbound SMTP email,  many remote SMTP servers will query identd when
your machine connects as a SMTP client.

Agian, not lately. This I do know something about. I know that Sendmail
and Qmail MTAs dropped any notion of needing ident for anything long ago.
Exchange and Imap servers certainly don't rely on it.


Bottom line, if your server sends SMTP email to arbitrary remote SMTP
servers,  is is detrimental to  "stealth" ident.

Name one mta that needs ident. I'm not saying they don't exist, I'm
just curious.