Some IRC servers are now requiring identd and that's on 113, this may be why we're seeing more open UDP 113 ports.
I know that more and more DALnet servers will not let you on without IDENTD enabled. I think they are monitoring folks this way to cut down on booting, etc.
So I disagree that a firewall is configured incorrectly if 113 is open. The individual(s) most likely enjoy IRC chatting and that's why it's open.
I see that I can disable ident (113) thru my linksys router AFTER connecting to IRC (on DALnet anyway) and the port is stealthed according to dslreports and grc.com. This only takes a few seconds to disable thru the browser and it's more secure.
That's true...but if you use IRC quite a bit....that's not a real feasible thing to do. Maybe, a firewall (software...cheap and easy, or even as firewall appliance, not so cheap, but very secure!), and only allow you're IRC client access to the port...that will certainly cut down on any threat!