WARNING: this is an automatic post retrieved from the Asterisk-Users Mailing List, not an authored post
October 30, 2010
Tags: asterisk, connection, Digium, INC, linux, mac operating systems, mail, port, port 113, unidata
While on the subject,
what is digium doing on my port 113?
just from my logfile:
Oct 31 01:11:07 fw2 kernel: EXT; INC, INTRUDER IN=eth0 OUT= MAC=08:00:20:da:3b:4a:00:90:1a:42:70:d3:08:00
SRC=18.104.22.168 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15394 PROTO=TCP SPT=56211 DPT=113 WINDOW=0 RES=0x00 RST URGP=0
22.214.171.124.in-addr.arpa domain name pointer lists.digium.com.
I’m not logged @digium, not compiling, not accessing list archives retieving svn’s
Port 113 supports what is known as an IDENT service. Basically, it tries
to determine the remote user of a given client network connection.
Yesterday, our web server (126.96.36.199) logged several connections from
mail.arilabs.com (188.8.131.52) to which it attempts a connection on
port 113. If it is sucessful, it will determine the remote user who
connected. This service is widely used on Unix systems, but not really
supported on Windows or Mac operating systems.
So why is the list-server sending an ident-REQ to my IP?
It is blocked anyway, bur WHY???