On Tue, 13 Jan 2015 20:12:11 +0000
Joe <j...@jretrading.com> wrote:

> On Tue, 13 Jan 2015 14:27:42 -0500
> David Parker <dpar...@utica.edu> wrote:
> 
> > Thanks for the replies.
> > 
> > The system is not using tcpwrappers, and it's also not a DNS issue.
> > The client PC does have a reverse DNS entry.  A tcpdump packet
> > capture on the server shows the initial connection from the client
> > followed by a bunch of DNS traffic, all within the same second.
> > Then nothing happens for exactly 5 seconds, then the server sends
> > data back to the client.
> > 
> > Just to be extra sure, I added an entry for it in /etc/hosts so DNS
> > wouldn't even be needed.  Still made no difference.
> > 
> 
> Is it asking for an ident from the connecting server (TCP port 7)?
> This is an old-fashioned custom, when computers with MTAs also ran
> ident servers, which provided some fairly harmless information.
> 
> Exim4 can certainly ask for an ident, and does nothing for a
> configurable timeout unless one is received, or the sender address is
> whitelisted. It is a simple anti-spam measure, as practically nothing
> runs ident servers today, and most malware will give up before a
> thirty-second timeout expires, whereas a legitimate MTA will wait
> for that long.
> 

OK, where did the 7 come from? Should be port 113. I saw it just as the
mouse button clicked...

-- 
Joe


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150113201613.0b84c...@jresid.jretrading.com

Reply via email to