Red Hat Bugzilla – Bug 60708
identd delays caused by xinetd config
Last modified: 2007-04-18 12:40:44 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686)
Description of problem:
The default xinetd config /etc/xinetd.d/wu-ftpd add USERID as a log option for
success or failure. This causes xinetd to attempt an identd (auth) connection
connecting host. This fails when the host isn't running an identd daemon or is
firewall blocking identd connections.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Make an ftp connection from a host without an identd daemon or one behind a
2.Start tcpdump or some other packet sniffer on the connection.
Actual Results: There is a long delay before the ftp server responds. tcpdump
shows attempts by the ftp server to connect to identd (tcp port 113).
Expected Results: identd should not be invoked. It's a security problem and
to run it or suffer delays if they don't is a bad idea.
This was reported (by someone else) as a problem with xinetd (bug #55936).
However the problem is not with xinetd itself but with the configuration of
various daemons which require it to initiate an identd connection.
Agreed, turned off in 2.6.2-5