>
> IRC (on dal.net) is reasonably safe, just dont accept any DCC file sends!
> As for blocking 113 tcp good Idea, along with 1080 since most servers now
> check for proxy servers.
though i would recommend a REJECT instead of a DROP eg send a reset
or something because port 113 is a valid protocol called identd
and many server telnetd,ftpd,pop3d,smtpd,ircd infact anything
that runs on *nix system will either
a) expect to connect to a ident server
b) expect a connection refused
otherwise if you connect to ftp and you client times out after
say 30 seconds and the ident lookup on the server timesout after
45 seconds then you dont get a connection this can happen with http
as well.
James
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
