Filter Ident port 113

Archived from groups: alt.internet.wireless (More info?)

I am finding that my wireless connection to my linksys router will not work
if I have this option on:

Filter IDENT (Port 113)

> Prevents outside intruders from attacking the router through the internet
> using service port 113.  Select Enable to prevent attack through this service
> port.  However, some applications may require this service port to be
> available. If needed, uncheck to allow those applications to work


What am I risking by trying that off?
Thanks

~~~~~~~~~~~~
Jefferis Peterson, Pres.
Web Design and Marketing
http://www.PetersonSales.com
3 answers Last reply
More about filter ident port
  1. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 02 Jan 2005 15:31:25 -0500, Jefferis NoSpamme
    <jefferisp7@hotmail.com> wrote:

    >I am finding that my wireless connection to my linksys router will not work
    >if I have this option on:
    >
    >Filter IDENT (Port 113)
    >
    >> Prevents outside intruders from attacking the router through the internet
    >> using service port 113.  Select Enable to prevent attack through this service
    >> port.  However, some applications may require this service port to be
    >> available. If needed, uncheck to allow those applications to work
    >
    >What am I risking by trying that off?

    Some mail servers use IDENT to authenticate the sending machine. My
    ancient UUCP over TCP system does that and will not work with IDENT
    turned off. If your email stops working, IDENT may be the problem.
    Systems using a Squid cache also tend to use IDENT as it's on by
    default.

    Some reading:
    http://kline.dal.net/exploits/ident.htm

    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  2. Archived from groups: alt.internet.wireless (More info?)

    "> >I am finding that my wireless connection to my linksys router will
    not work
    > >if I have this option on:
    > >
    > >Filter IDENT (Port 113)
    > >
    > >> Prevents outside intruders from attacking the router through the
    internet
    > >> using service port 113. Select Enable to prevent attack through
    this service
    > >> port. However, some applications may require this service port to
    be
    > >> available. If needed, uncheck to allow those applications to work
    > >
    > >What am I risking by trying that off?

    The way I steath my 113 is to assign it as a distributed server with
    an unused IP in my subnet.
    Everything works and Shields up show it as stealth.
    http:\\www.grc.com. Granted it works on
    my asante router but no guarantee on yours.


    >
    > Some mail servers use IDENT to authenticate the sending machine. My
    > ancient UUCP over TCP system does that and will not work with IDENT
    > turned off. If your email stops working, IDENT may be the problem.
    > Systems using a Squid cache also tend to use IDENT as it's on by
    > default.
    >
    > Some reading:
    > http://kline.dal.net/exploits/ident.htm
    >
    > --
    > Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    > 150 Felker St #D http://www.LearnByDestroying.com
    > Santa Cruz CA 95060 AE6KS 831-336-2558
  3. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:

    > Some mail servers use IDENT to authenticate the sending machine. My
    > ancient UUCP over TCP system does that and will not work with IDENT
    > turned off. If your email stops working, IDENT may be the problem.
    > Systems using a Squid cache also tend to use IDENT as it's on by
    > default.
    >
    > Some reading:
    > http://kline.dal.net/exploits/ident.htm

    FWIW, two more links about ident that I scoured from a thread on identd
    in comp.protocols.tcp-ip:

    <http://jis.mit.edu./pipermail/saag/2002q1/000589.html>
    <http://www.clock.org/~fair/opinion/identd.html>

    My router has a setting to reject IDENT requests if no DMZ or packet
    filter for port 113 has been established. It's better to provide a
    formal rejection to an IDENT request rather than just ignoring it.
Ask a new question

Read More

Wireless Filter Routers Wireless Networking