HPE Community
Operating System - Linux
1820475 Members
2979 Online
109624 Solutions
New Discussion юеВ

port 113

 
SOLVED
Go to solution
K.C. Chan
Trusted Contributor

тАО09-21-2002 04:02 PM

тАО09-21-2002 04:02 PM

port 113

Does any one knows what port 113 is used for? Thanks.
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
6 REPLIES 6
Craig Kelley
Valued Contributor

тАО09-22-2002 03:40 AM

тАО09-22-2002 03:40 AM

Re: port 113

Looks like ident:

http://www.dancinman.com/GuideBooks/CommonPortsGuide/commonports-guide1.html

0 Kudos
Reply
K.C. Chan
Trusted Contributor

тАО09-22-2002 06:22 AM

тАО09-22-2002 06:22 AM

Re: port 113

I know it's ident, also known as auth. But what's it used for? why is it that my mail server is trying to access a windows 2000 server on this port? Any idea? Thanks.
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
Craig Kelley
Valued Contributor

тАО09-22-2002 07:47 AM

тАО09-22-2002 07:47 AM

Solution

Re: port 113

http://www.rosat.mpe-garching.mpg.de/mailing-lists/procmail/2001-12/msg00173.html

AFAIK, auth *is* ident, it just depends on your vendor as to what they want to call it.
Reply
U.SivaKumar_2
Honored Contributor

тАО09-22-2002 07:59 PM

тАО09-22-2002 07:59 PM

Re: port 113

Hi,

identd is a small program that typically runs out of your inetd server. It keeps track of what user is running what TCP service, and then reports this to whoever requests it.

Many people misunderstand the usefulness of identd, and so disable it or block all off site requests for it. identd is not there to help out remote sites. There is no way of knowing if the data you get from the remote identd is correct or not. There is no authentication in identd requests.

Why would you want to run it then? Because it helps you out, and is another data-point in tracking. If your identd is un compromised, then you know it's telling remote sites the user-name or uid of people using TCP services. If the admin at a remote site comes back to you and tells you user so-and-so was trying to hack into their site, you can easily take action against that user. If you are not running identd, you will have to look at lots and lots of logs, figure out who was on at the time, and in general take a lot more time to track down the user.
When you open ANY tcp connection to a remote site, this remote site may query your Unix Workstation for the name of the process Owner.
Especially Sendmail and Apache can do this.

If you are not running an identd, the remote site will get a connection refused and continue its operation immediately. if you run identd from inetd a fork/exec will take place. The remote server will wait until it gets the answer from your Workstations Identd.

This means, the faster your identd is able to answer requests the faster you will get answers from remote servers.

identd can be used for denial of service attacks . So you can disable it.

regards,
U.SivaKumar


Innovations are made when conventions are broken
Reply
Craig Kelley
Valued Contributor

тАО09-23-2002 07:20 AM

тАО09-23-2002 07:20 AM

Re: port 113

I completely agree. System administrators disable many tools that can be helpful. In addition, many software developers are being forced to make all their network connectivity run over HTTP on port 80 just to get by facist "security" setups (see dotNet, for example). These overly-zealous administrators end up defeating the whole point of being able to manage individual ports.
0 Kudos
Reply
Paul_159
New Member

тАО11-17-2002 12:46 AM

тАО11-17-2002 12:46 AM

Re: port 113

You did give some good answers to the question, "What is port 113?" Thank you. I still see no reason to use it though. Any one with enough knowledge to "hack" will know better than to reply to it.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.