Re: port 113 ?

On Thu, 2005-01-13 at 02:59, Brent Clark wrote:
> So I would like to know if it is advisable to stop identd. I have
> googled a bit and from what I gather, it's considered as dangerous and
> basically pointless to run. By removing / stopping this service, will it
> hamper or hinder my users or other servers in any other way? I only run a
> mail and ftp server.

there are still mail servers out there configured to do an ident lookup
prior to sending mail to you.  i normally disable identd, but i always
add a rule like this to speed up services that still request it:

  iptables -N ident
  iptables -A ident -p tcp --syn --dport 113 \
    -j REJECT --reject-with tcp-reset

  iptables -A INPUT -j ident
  iptables -A FORWARD -j ident

-j

--
"Ahh the Luftwaffe--the Washington Generals of the History Channel."
	--The Simpsons
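
To confirm on your own host that the rule above behaves as intended, the check below (an added example, not part of the original post) connects once to port 113 and reports whether the connection was accepted, refused at once (what the tcp-reset REJECT or a closed port produces), or left to time out (what a silently dropped SYN produces). The names `probe_ident` and `advice`, the state labels and the 5-second timeout are assumptions of this example.

```python
import socket
import sys
import time

IDENT_PORT = 113  # ident port used in the rule from the post


def probe_ident(host, port=IDENT_PORT, timeout=5.0):
    """Connect once to host:port and classify the answer.

    Returns (state, seconds). States are labels chosen for this example:
      "open"     - handshake completed, something is listening
      "refused"  - refused immediately (tcp-reset REJECT or closed port)
      "filtered" - no answer before the timeout (SYN silently dropped)
      "error"    - any other failure, e.g. host or network unreachable
    """
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            state = "open"
    except ConnectionRefusedError:
        state = "refused"
    except (socket.timeout, TimeoutError):
        state = "filtered"
    except OSError:
        state = "error"
    return state, time.monotonic() - start


def advice(state):
    """One-line reading of each state for a host with identd disabled."""
    return {
        "open": "something is listening on 113; identd may still be running",
        "refused": "callers get an immediate refusal and move on without waiting",
        "filtered": "callers wait out their ident timeout before proceeding",
        "error": "probe failed for another reason; check routing and the address",
    }[state]


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state, secs = probe_ident(target)
    print(f"{target}:{IDENT_PORT} {state} after {secs:.2f}s - {advice(state)}")
```

Run it from a machine outside the firewall with the server's address as the only argument; with the rule loaded and identd stopped, the expected state is "refused" with an elapsed time close to one round trip.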


