Slow and Fast IP addresses on http ?

• Previous message (by thread): Slow and Fast IP addresses on http ?
• Next message (by thread): Slow and Fast IP addresses on http ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

smb at research.att.com ("Steven M. Bellovin") writes:

> It might also be port 113 -- some sites try to query your tcp port 113, 
> and wait for a timeout if the port is firewalled.  A better solution 
> than blocking it is to send an immediate RST.

people who depend on tcp/113 deserve everything stupid that happens to them.
dropping SYN packets or returning a fixed string are both better than sending
an immediate RST.  (false confidence being valued less than low confidence.)
i was rather shocked to discover tcp/113 clientness enabled by default in
postfix and sendmail.  but even widespread ignorance does not call for
widespread coddling such as returning immediate RST's.
-- 
Paul Vixie

• Previous message (by thread): Slow and Fast IP addresses on http ?
• Next message (by thread): Slow and Fast IP addresses on http ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]