Re: [exim] RFC 1413 default on debian

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Marc Haber
Datum:  
To: exim-users
Betreff: Re: [exim] RFC 1413 default on debian
On Wed, 16 Mar 2005 16:54:39 +0000, Matthew Byng-Maddick
<exim@???> wrote:
>On Wed, Mar 16, 2005 at 05:51:16PM +0100, Marc Haber wrote:
>> It might be a good idea to be RFC compliant. So, if an ident request
>> comes in, be nice and reject it, or answer it. Droping it without
>> rejecting will grant you that nice delay, which is _your_ fault.
>
>"but then people can probe our network"


I trust _you_ that _you_ know you're joking.

For the archive, better let's make it explicitly clear: Rejecting a
connection attempt does not reveal any more information than dropping
the connection attempt gives. A "drop" gives an attacker the
information that something is there. And that it is desperately trying
to be invisible.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834