Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Slow and Fast IP addresses on http ?

  • From: Paul Vixie
  • Date: Tue Jun 17 13:17:15 2003

smb@research.att.com ("Steven M. Bellovin") writes:

> It might also be port 113 -- some sites try to query your tcp port 113, 
> and wait for a timeout if the port is firewalled.  A better solution 
> than blocking it is to send an immediate RST.

people who depend on tcp/113 deserve everything stupid that happens to them.
dropping SYN packets or returning a fixed string are both better than sending
an immediate RST.  (false confidence being valued less than low confidence.)
i was rather shocked to discover tcp/113 clientness enabled by default in
postfix and sendmail.  but even widespread ignorance does not call for
widespread coddling such as returning immediate RST's.
-- 
Paul Vixie




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.