[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] identd



* fin; <fbissett@xxxxxxxxxxxxxxxx> on 30 Oct, 2002 wrote:
Could someone tell me how to switch off identd in 8.1?
I tested my firewall at www.grc.com and all of my ports are in stealth mode except identd, which is closed but still visible. As it is a potential source of information and only used for irc, which I don't need, I'd like to get rid of it.

You need it also for mail sending. Here is the code from SuSEfirewall2-3.1

# If port 113 (auth/identd) will not allowed below, outgoing mail would
# be delayed most of the time. Hence we put a hardcoded reject line
# in.
$IPTABLES -I input_ext 1 -j "$REJECT" -p tcp --dport 113 --syn 2> /dev/null


if you are using older version is 2.1 then
# If port 113 (auth/identd) was not allowed above, outgoing mail would
# be delayed most of the time. Hence we put a hardcoded reject line in.
for CHAIN in input_ext input_dmz input_int; do
   $LDA $IPTABLES -A $CHAIN -j LOG ${LOG}"-REJECT "  -p tcp --dport 113
   --syn
   $IPTABLES -A $CHAIN -j "$REJECT" -p tcp --dport 113 --syn
--reject-with tcp-reset 2> /dev/null
done


So that means you are rejecting requests to port 113 and you are safe as
far as port 113 goes for more detail about SuSEfirewall2 have look at
http://dinamizm.ath.cx/articles/firewall2.pdf if you haven't yet


--

Togan Muftuoglu
Unofficial SuSE FAQ Maintainer
http://dinamizm.ath.cx



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here