[lug] open port
Chip Atkinson
chip at rmpg.org
Thu Mar 28 07:52:21 MST 2002
Jeff,
Don't ignore connections with your firewall. You need to reject it with
a port unavailable message. What happens is that the remote machine
attempts to make a connection on that port before mail transmission can
proceed. If the connection is ignored, it has to time out and that takes
a while. If the port is unavailable according to the firewall, the
connection attempt will be abandoned as soon as the machine receives the
ICMP message and mail will flow smoothly.
Chip
On Thu, 28 Mar 2002, Jeff wrote:
> HI folks,
> Quick questions here. I run a (very) small mail server out of my
> house. When I send mail to most every body, within seconds, I get hits
> on port 113 on my machine; port 113, according to /etc/services, is
> Authentication Service. Right now, my firewall rules, say just to deny
> (ignore) any hits on that port. My questions are this:
> 1. Should I leave the rules as they are?
> 2. Are there any security holes in it, if I open the port?
> 3. Is there a good reason for keeping the port closed or opening it?
>
> Thanks in advance.
> Jeff
>
More information about the LUG
mailing list