Ident - not
Ident demon listens on this port, but TCP not UDP.
An incorrectly configured firewall may open UDP+TCP port 113 in order to allow Ident requests in.
Some IRC servers are now requiring identd and that's on 113, this may be why we're seeing more open UDP 113 ports.
I know that more and more DALnet servers will not let you on without IDENTD enabled. I think they are monitoring folks this way to cut down on booting, etc.
So I disagree that a firewall is configured incorrectly if 113 is open. The individual(s) most likely enjoy IRC chatting and that's why it's open.
...just my $0.02
[text was edited by author 2003-03-06 02:34:37]
[text was edited by author 2003-03-06 02:37:08]
I see that I can disable ident (113) thru my linksys router AFTER connecting to IRC (on DALnet anyway) and the port is stealthed according to dslreports and grc.com. This only takes a few seconds to disable thru the browser and it's more secure.
|reply to justin |
That's true...but if you use IRC quite a bit....that's not a real feasible thing to do. Maybe, a firewall (software...cheap and easy, or even as firewall appliance, not so cheap, but very secure!), and only allow you're IRC client access to the port...that will certainly cut down on any threat!