The saga continues....
Ok... I set the firewall to reject TCP port 13 requests from
my clients (on the private lan). The Winblows 2k box that was
generating these requests was over a 802.11g connection. (wireless)
Hmmm... that was a bad idea. The Winblows 2k box didn't care
much for the rejects. It went wild sending TCP port 13 requests
to one host after another. Very rapidly rotating across hosts. This
created a heavy load on the Wireless net. So.. Since there
appears to be no way to disable this on the client, I changed
the firewall to just drop any TCP port 13 requests coming from
clients on the private lan. This seems to have slowed the Winblows 2k
box down to only making requests every few seconds.
The traffic on the wireless net is now back to a reasonable level, and
the client has been upgraded to use TCP 123 (SNTP) to a server
that is more reasonable. I can't stop the client from sending the
TCP port 13 requests, but the level of pain is now tolerable, and
it will not be maintaining a connection with M$.
Thanks,
Don Capps
"Jay T. Blocksom" <usenet01+SPAMBLOCK@appropriate-tech.net> wrote in message
news:mneojv85ip77sh9dn345g35q36i3l128vj@news.rcn.c om...
> On Tue, 12 Aug 2003 17:35:20 GMT, in <alt.privacy.spyware>, "Capps"
> <capps@iozone.org> wrote:
> >
> > Is there some reason that my Windows 2000 clients would
> > be needing to talk to www.us.microsoft.com on TCP port 13
> > (Daytime) ? Or, should I be blocking this at the firewall ?
> >
> [snip]
>
> You should be blocking EVERYTHING that you do not have a specific reason
to
> *not* block. In the case of Port 13, unless you use the (outdated, and
> rather useless compared to NTP) "Daytime" service, there is no reason to
> permit any traffic on that port. (And even if you do, allow it only to
the
> host/IP that YOU decide to get the time hack from).
>
> --
>
> Jay T. Blocksom
> --------------------------------
> Appropriate Technology, Inc.
> usenet01[at]appropriate-tech.net
>
>
> "They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety."
> -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
> NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to
mail.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
> Unsolicited advertising sent to this E-Mail address is expressly
prohibited
> under USC Title 47, Section 227. Violators are subject to charge of up to
> $1,500 per incident or treble actual costs, whichever is greater.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
Reply With Quote