North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Slow and Fast IP addresses on http ?
[email protected] ("Steven M. Bellovin") writes: > It might also be port 113 -- some sites try to query your tcp port 113, > and wait for a timeout if the port is firewalled. A better solution > than blocking it is to send an immediate RST. people who depend on tcp/113 deserve everything stupid that happens to them. dropping SYN packets or returning a fixed string are both better than sending an immediate RST. (false confidence being valued less than low confidence.) i was rather shocked to discover tcp/113 clientness enabled by default in postfix and sendmail. but even widespread ignorance does not call for widespread coddling such as returning immediate RST's. -- Paul Vixie
|