also sprach Ethan Benson (on Fri, 31 Aug 2001 03:30:54AM -0800): > rubbish, if the admin is incompetent enough to be running these things > as root he will have a cracked box regardless of whether identd is > running or not. you have a point, even though there is no need to become offensive! > and all the zillions of bind exploit attempts i get, they are NEVER > preceeded by ident queries. your line of reasoning here is completly > flawed. it's just one line of reasoning. however, you are arguing pro-ident for things that i don't need ident for. so for me, that's one fewer services, one fewer open ports, one fewer entry in the firewall config. therefore inherently, this is "more secure." > > that's one of the many other parts of being security-concious... > > there is such a thing as going overboard with irrlevant minutia. my > isp recently thought it would be a good idea to make /home unreadable > by all its users for `security' reasons, of course this makes > everyones shell puke when it cannot properly ascertain the pwd so they > seem to have changed thier minds on this. (that and cat /etc/passwd > will reveal everything ls -l /home would) i don't think you understand my method. martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck -- 1-800-psych hello, welcome to the psychiatric hotline. if you are obsessive-compulsive, please press 1 repeatedly.
Attachment:
pgp0hKkC9R2dt.pgp
Description: PGP signature