This is a cache of https://support.nagios.com/kb/article/disabling-port-113-ident-requests-840.html. It is a snapshot of the page at 2025-05-14T00:08:56.287+0000.
Disabling Port 113 IDENT Requests
All Categories
Recently Viewed
Disabling Outdated Versions of SSL/TLS
Nagios xi - Can’t Log Into The Web Interface
Nagios xi - Configuration Applies, but still get "Configuration File Is Out Of Date" Error
Active Directory / LDAP - Troubleshooting Authentication Integration
Backups are not being generated due to tar creation errors
Home » Categories » Multiple Categories

Disabling Port 113 IDENT Requests
Article Number: 840 | Rating: Unrated | Last Updated by rspielman on Wed, Jan 13, 2021 at 4:43 PM

Problem Description

You are seeing port 113 return requests either from your Nagios xi server (when submitting NSCA passive results) to the originating host OR you are seeing port 113 return requests when checking NRPE services).

You will see this behaviour on your firewall logs as you will most likely not have a firewall rule for port 113.

 

 

Explanation

This is usually because you are running an NRPE check through xiNETD with USERID included on the log_on_success or log_on_failure options in your remote hosts /etc/xinetd.d/nrpe file.

OR this could be because you are submitting passive results to the xi server through NSCA (which is running under xiNETD) /etc/xinetd.d/nsca with the same options as above.

Further information can be found in the following link:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Reference_Guide/s2-tcpwrappers-xinetd-alt.html#s3-tcpwrappers-xinetd-alt-log

Note that the USERID option requires an IDENT request to port 113 on the originating server to determine the USERID, that's why you're seeing it.

 

Resolution

Then remove the USERID option from the log_on_failure AND log_on_success to stop the IDENT from occurring. The file you need to change depends on:

  • NRPE on remote host
    • /etc/xinetd.d/nrpe
  • NSCA on Nagios xi server
    • /etc/xinetd.d/nsca

For example, either comment this line out or remove it completely:

# default: on
# description: NSCA (Nagios Service Check Acceptor)
service nsca
{
           flags                 = REUSE
           socket_type      = stream        
           wait                  = no
           user                  = nagios
           group                = nagios
           server               = /usr/local/nagios/bin/nsca
           server_args       = -c /usr/local/nagios/etc/nsca.cfg --inetd
           log_on_failure  += USERID
           disable              = no
           only_from          = 127.0.0.1
}

 

After making the changes you need to restart the xinetd service using one of the commands below:

 

RHEL 7+ | CentOS 7+ | Oracle Linux 7+ | Debian | Ubuntu 16/18/20

systemctl restart xinetd.service

 

 

 

Final Thoughts

For any support related questions please visit the Nagios Support Forums at:

http://support.nagios.com/forum/

Special Offer For Knowledgebase Visitors! Get a huge discount on Nagios Log Server by clicking below.

Get 60% Off Nagios Log Server!

Did you know? Nagios provides complete monitoring of: Windows, Linux, UNIX, Servers, Websites, SNMP, DHCP, DNS, Email, Storage, Files, Apache, IIS, EC2, and more!
Posted by: on Tue, Mar 12, 2019 at 6:58 PM. This article has been viewed 6030 times.
Filed Under: Common Problems, Common Problems, Common Problems, NSCA
0 (0)
Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Nagios xi - Unable To Login Using Two Factor Authentication
Viewed 9238 times since Tue, Apr 10, 2018
Nagios xi - Ajaxterm Installation Aborted
Viewed 4576 times since Tue, Jan 26, 2016
VMWare checks timing out or slow
Viewed 3837 times since Fri, Feb 11, 2022
Nagios xi - Performance Graph Problems
Viewed 28263 times since Fri, Dec 19, 2014
Nagios xi - How To Test Check Commands From The Command-line
Viewed 49114 times since Tue, Jan 26, 2016
Nagios xi - Unable to Delete Host
Viewed 24339 times since Tue, Dec 16, 2014
Nagios Core - Failed to register iobroker
Viewed 7201 times since Wed, Sep 20, 2017
Nagios Core - Nagios did not exit in a timely manner
Viewed 8809 times since Wed, Jan 27, 2016
Nagios xi - Installing Latest SourceGuardian Loaders
Viewed 8128 times since Mon, Jun 18, 2018
NRPE - CHECK_NRPE: Error - Could Not Complete SSL Handshake
Viewed 124212 times since Fri, Jul 14, 2017
Subscribe to knowledge base
Get notified when new articles are added to the knowledge base.
Nagios