[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 19991214: What is the port 113 used for? (fwd)




===============================================================================
Robb Kambic                                Unidata Program Center
Software Engineer III                      Univ. Corp for Atmospheric Research
address@hidden             WWW: http://www.unidata.ucar.edu/
===============================================================================

---------- Forwarded message ----------
Date: Tue, 14 Dec 1999 13:40:39 -0700
From: Mike Schmidt <address@hidden>
To: Brian High <address@hidden>
Subject: Re: 19991214: What is the port 113 used for? (fwd)

Brian,

Port 113 supports what is known as an IDENT service.  Basically, it trys
to determine the remote user of a given client network connection.
Yesterday, our web server (128.117.149.62) logged several connections from
mail.arilabs.com (206.129.115.118) to which it attempts a connection on
port 113.  If it is sucessful, it will determine the remote user who
connected.  This service is widely used on Unix systems, but not really
supported on Windows or Mac operating systems.  Here's a bit of light
reading to explain more;

: Client username lookups
: -----------------------------
: The protocol proposed in RFC 931 provides a means to obtain the client
: user name from the client host.  The requirement is that the client
: host runs an RFC 931-compliant daemon. The information provided by such
: a daemon is not intended to be used for authentication purposes, but it
: can provide additional information about the owner of a TCP connection.
:
: The RFC 931 protocol has diverged into different directions (IDENT,
: TAP, RFC 1413). To add to the confusion, they all use the same network
: port.  The daemon wrappers implement a common subset of the protocols.
:
: There are some limitations: the number of hosts that run an RFC 931 (or
: compatible) daemon is limited (but growing); client user name lookups
: do not work for datagram (UDP) services. More seriously, client user
: name lookups can cause noticeable delays with connections from non-UNIX
: PCs. Recent PC software seem to have fixed this (for example NCSA
: telnet). The wrappers use a 10-second timeout for RFC931 lookups, to
: accommodate slow networks and slow hosts.

For the most part, you don't have to worry about dropping these packets
although timeouts on IDENT may cause slower connections to remote services
while the query times out.  Let me know if you need more information.

mike

>To: <address@hidden>
>From: "Brian High" <address@hidden>
>Subject: What is the port 113 used for?
>Organization: Analytical Resources, Inc.
>Keywords: 199912140106.SAA05879 LDM port 113
>
> ident           113/tcp
>  auth            113/tcp    Authentication Service
>  auth            113/udp    Authentication Service
>
>  What is the port 113 used for?  I am seeing firewall packets
>  being "dropped" for it and need to know why.
>
>  --Brian
>
> >From address@hidden  Mon Dec 13 19:41:26 1999
>
> Network Administrator Help:
>
> I have a firewall error and am trying to figure out why these
> packets are trying to get through my firewall:
>
>   TCP packet from 128.117.149.62/65159 to 206.129.115.118/113 dropped
>
> I see that port 113 is:
>
>  ident           113/tcp
>  auth            113/tcp    Authentication Service
>  auth            113/udp    Authentication Service
>
> But that doesn't tell me much.
>
> Following the IP address gave this website:
>
> http://128.117.149.62/
>    UCAR Unidata Program Center
>    P.O. Box 3000
>    Boulder, Colorado, USA 80307
>    303 497-8678
>
> Which is you.
>
> What is port 113 for?
>
> --Brian High
> Network Administrator
> Analytical Resources, Inc.


NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.