RE: Identification Protocol (was: Re: your mail)

To: Fredrik Liljegren <fredrik.liljegren@configura.com>
Cc: debian-security@lists.debian.org
Subject: RE: Identification Protocol (was: Re: your mail)
From: Sebastian Stark <stark@komcept.de>
Date: Thu, 16 Mar 2000 18:25:53 +0100 (CET)
Message-id: <[🔎] Pine.LNX.3.96.1000316181807.2038C-100000@javaanse.institut.komcept.de>
In-reply-to: <[🔎] B519D0EAC5FFD211AD0D00902759B1032EFD22@RAGNAROK>

On Thu, 16 Mar 2000, Fredrik Liljegren wrote:
> > i'd turn auth off for security reasons if your box has a direct
> > connection to internet.
> Many people misunderstand the usefulness of identd, and so disable it or
> block all off site requests for it. identd is not there to help out remote
> sites. There is no way of knowing if the data you get from the remote identd
> is correct or not. There is no authentication in identd requests.

maybe i am one of these people :)
identd takes two parameters, the server and the source port of a tcp
connection. it gives back the userid of the user who started it. am i
right so far?
i think, the userid may be useful for some purposes but in most cases it
is not but gives a hacker a little piece of information.
but, you're right, it could be worth while tracking down some attack from
your own computer. hmm... i will think about it :-)

thanks

Reply to:

Follow-Ups:
- Re: Identification Protocol (was: Re: your mail)
  - From: Mark Brown <broonie@tardis.ed.ac.uk>

References:
- RE: Identification Protocol (was: Re: your mail)
  - From: Fredrik Liljegren <fredrik.liljegren@configura.com>

Prev by Date: Re: your mail
Next by Date: Re: your mail
Previous by thread: RE: Identification Protocol (was: Re: your mail)
Next by thread: Re: Identification Protocol (was: Re: your mail)
Index(es):
- Date
- Thread