Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Port 113 open?
« previous next »
Pages: [1]   Go Down

Port 113 open?

  • 5 Replies
  • 561 Views

LP

Port 113 open?
« on: October 25, 2002, 06:36:37 PM »
Hi...!

Sorry, being new to linux and all, I tried to develop the ultimate file sharing, printer sharing and internet sharing box :)  That's why I'm here, since I love the way SME simplified my life!

The only problem is while doing a probe check using grc.com, it reveals that my port 113 is open! I've disabled all remote services (ssh, telnet, ftp), but the port is still open...

Anything I could do?
Logged

Bill Talcott

Re: Port 113 open?
« Reply #1 on: October 25, 2002, 06:48:08 PM »
113 is ident. Steve Gibson seems to think it's some huge security hole, but it's really not in my eyes. Some servers (mail, IRC, etc.) make an ident connection first. If you have a firewall that "stealths" the port (just drops the packets instead of accepting or denying them), the mail/IRC server will keep trying until it times out. This can cause a 30-60 second delay before the connection is actually made. Do a search of these forums (make sure you select "all dates") for "ident" and you should find more than you ever wanted to know.
Logged

Scott Smith

Re: Port 113 open?
« Reply #2 on: October 25, 2002, 10:00:35 PM »
> Steve Gibson seems to think it's some huge security hole...

I think Steve believes _any_ port open for inbound access is a huge security hole.
Logged

LP

Re: Port 113 open?
« Reply #3 on: October 25, 2002, 10:10:14 PM »
So I guess the general feeling is that I can sleep at night even if the port is open... :)

Thanks everyone
Logged

danielrm26

Re: Port 113 open?
« Reply #4 on: October 26, 2002, 12:46:04 AM »
I think it's better to deny this traffic then to allow it.  This is only a philisophical concept based on the fact that an RST from the connecting client gets you service just as fast as a successful connection does.  So, while you may not be in major danger from IDENT being open, it still isn't a good idea if it can be avoided.

The question really is, "If it works great when you DENY the port with an RST, then why leave it open?"

The only thing NOT to do when your server requires IDENT is to DROP it.  This makes checking mail a pain.

--danielrm26
Logged

Andy

Re: Port 113 open?
« Reply #5 on: October 27, 2002, 04:20:12 AM »
Your problem is that you're infected with the GRC Gullibility virus.
Go to http://www.grcsucks.com for the virus removal tool.
Read everything on that site and the virus will be easily removed. It is a common infection. Generally found with people who use windows exclusively.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Port 113 open?