Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Mr Dog on July 16, 2002, 05:52:38 PM

Title: Version 5.5 security
Post by: Mr Dog on July 16, 2002, 05:52:38 PM

I have installed version 5.5 as a private server/gateway.


GRC is telling me port 113 is OPEN and since I am a private gateway
I want to be as stealthy as I can.
Why are these open by default?

ACCEPT     tcp  ------  anywhere             not.telling.com.au  any ->   auth
ACCEPT     udp  ------  anywhere             not.telling.com.au any ->   113

Is there a simple setting to block these?
Custom templates are a pain.

Apart from that 5.5 seems very sweet.

Title: Re: Version 5.5 security
Post by: Bill Talcott on July 16, 2002, 06:40:42 PM

Port 113 is ident. Some servers (IRC, SMTP, etc.) use it to contact the client. If you stealth it (just drop all incoming packets), some of your connections may take longer. This is because it has to wait for the connection to time out, instead of immediately receiving a reply (whether it's "ok" or "denied"). See http://forums.contribs.org/index.php?topic=13868.msg52747#msg52747 for my findings on it, and http://www.tpffaq.com/cgi-bin/faqmanager.cgi?file=other&toc=faq#q2 for more info on results of blocking ident.

Title: Re: Version 5.5 security
Post by: fred m. on July 17, 2002, 08:48:58 PM

Here are some good howto's from Mitel:

http://edocs.mitel.com/default-6000SBAP.htm