Opening Port 113 1

[furtech]

Hello,

I had a user running WinXP SP2, who wasn't able to connect to MSN Messenger. I've found adding port 113 to the exceptions list allowed messenger to connect.

My question is; is it safe to leave port 113 open, or are there any vunrabilities I should know about?

Thanks,


---------------------------------------
Matthew Collins

http://www.furtech.net

---------------------------------------

 

[bcastner]

Port 113 (the IdentD port), is often scanned to see if there is a response as a preliminary step to a Denial of Service attack on a server.

Any open port is a vulnerability. The SP2 firewall would protect you from an inbound attack, even if you make the port exception.

It effectively "stealths" exceptions you have made unless you as a "Server" side application request again the port be opened.

Youi might consider opening uPnP rather than make port exceptions to truely use the firewall. There should be no reason for a specific port exception for Messenger.

 

[furtech]

Thanks, Bcastner


But what is uPnP? I did a search in Google, and only found pages about Universal Plug 'n' Pray.

---------------------------------------
Matthew Collins

http://www.furtech.net

---------------------------------------

 

[bcastner]

See:

http://www.microsoft.com/technet/prodtechnol/winxppro/evaluate/upnpxp.mspx

The service has gotten a bad reputation on the Web, and I believe unfairly.

It is a perfectly reasonable Windows Service, and poses no unusual service risks. And, it would handle your Messenger issue more securely through a firewall than would leaving a port open constantly.