I have been rejecting ident for a couple of years without any complaints,
either. I suspect that anyone savvy enough to realize the problem is also
savvy enough to know what is going on and why.
hermit1
At 07:31 AM 6/21/00 -0500, James Edwards wrote:
>I went thru this same issue when I put my firewall in. I finally decided to
>block it and see who screams. That was about a year ago and I see a lot of
>blocked ident traffic, almost all going to my mail server.
>
>Guess what, not one single complaint.
>
>Jim Edwards
>
>-----Original Message-----
>From: James Toshack [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, June 20, 2000 3:44 PM
>To: [EMAIL PROTECTED]
>Subject: [FW1] IDENT Question
>
>Can someone please tell me the importance of the TCP IDENT service port? The
>firewall I'm now managing has IDENT traffic blocked....I don't know if
>this is by design, or a mistake...our extrenal DNS's are producing
>hundreds and thousands of dropped IDENT packets...and I don't know what
>allowing our DNS's to process this IDENT traffic might produce in terms of
>a security risk. Is allowing this type of traffic considered pretty
>standard for a DMZ DNS Server?
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
