Slow and Fast IP addresses on http ?
Steven M. Bellovin
smb at research.att.com
Tue Jun 17 16:39:15 UTC 2003
In message <20030616210129.GM751 at reifa-wave.karrenberg.net>, Daniel Karrenberg
writes:
>
>tcp-wrapper.
>
>Check DNS of the client address affected, forward and reverse.
>
It might also be port 113 -- some sites try to query your tcp port 113,
and wait for a timeout if the port is firewalled. A better solution
than blocking it is to send an immediate RST.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
More information about the NANOG
mailing list