David C. Diemer, CCSA
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
200 Piedmont Ave. SE
Suite 1420, West Tower
Atlanta, GA 30334
[email protected] (V)
(F)

>>> "Adams, Gavin" <[email protected]> 01/30/01 09:02AM >>>
In my experience, REJECT is the way to go for ident. Use drop for the rest you listed.

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Tuesday, January 30, 2001 09:58
To: [email protected]
Subject: RE: [FW1] Ident port 113.

Hi,

After reading the responses on this list, I noticed that I've already installed one rule that drops everything on source to everything on destination using:

- (UDP) - bootp
- (TCP) - ident
- (UDP) - icq
- (TCP) - BackOrifice
- (UDP) - ichat_UDP
- (TCP) - ichat_TCP

Should I use "reject" instead of "drop"?

Regards,

Omar Pinheiro
Departamento de Sistemas
Telebahia Celular
Tel: (71) - 9980-2536
Fax (71) - 387-7502

Patrick Baird <[email protected]>
To: "'Jesus Calvo Hernandez'" <[email protected]>,
Sent by: [email protected], [email protected][email protected] kpoint.com
cc:
Subject: RE: [FW1] Ident port 113.
18/01/2001 10:15

You can place a rule to reject ident, this will speed up most mail servers as they wait x time to get a response, then send anyway. Set it to reject, not deny.

We've had it this way for months and all mail still flows through.

PDB

-----Original Message-----
From: Jesus Calvo Hernandez [mailto:[email protected]]
Sent: Thursday, January 18, 2001 6:39 AM
To: [email protected]; [email protected]
Subject: Re: [FW1] Ident port 113.

Hi

SMTP servers try to check the identity of the server which is trying to send mail to them prior to accepting mail from it. It is normal, and if you forbid it, it might be possible, depending on the configuration of your mail server, that you cannot receive any mail from any other mail server in the world.

regards

----- Original Message -----
From: <[email protected]>
To: <[email protected]>
Sent: Thursday, January 18, 2001 12:57 PM
Subject: [FW1] Ident port 113.

>
> What does this service mean: "Ident", which runs on port 113? I set up FW-1 to
> drop this kind of service, and I've been looking at the log and observed
> that my SMTP server frequently tried to make connections using this service.
>
> Regards,
>
> Omar Pinheiro
> Departamento de Sistemas
> Telebahia Celular
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of Sema Group.
If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.
------------------------------------------------------------------
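
Added example, not part of the original thread: the replies above turn on what a connecting mail server experiences when its ident query reaches the firewall, an immediate refusal (reject) or silence until it gives up (drop). This Python check times one TCP connect and classifies the outcome; `classify_connect` and `closed_local_port` are names chosen here, and the demo uses a constructed loopback port with no listener to stand in for a reject rule.

```python
import socket
import time


def classify_connect(host, port, timeout=3.0):
    """Attempt one TCP connect and return (verdict, elapsed_seconds).

    accepted: the handshake completed, something is listening
    rejected: the connection was refused at once (a reset came back)
    dropped:  nothing came back, so the caller waited the full timeout
    """
    start = time.monotonic()
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        verdict = "accepted"
    except ConnectionRefusedError:
        verdict = "rejected"
    except socket.timeout:
        verdict = "dropped"
    finally:
        sock.close()
    return verdict, time.monotonic() - start


def closed_local_port():
    """Return a loopback port that currently has no listener (constructed input)."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    port = probe.getsockname()[1]
    probe.close()
    return port


if __name__ == "__main__":
    # Constructed demo: a closed loopback port answers like a "reject" rule.
    # To check a real rule, run this from a host outside the firewall against
    # your own address on port 113 and compare the verdict and elapsed time.
    verdict, elapsed = classify_connect("127.0.0.1", closed_local_port())
    print(f"{verdict} after {elapsed:.3f}s")
```

A "dropped" verdict always costs the caller the full timeout, which is the delay the replies above attribute to dropping ident.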