[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: information question

> sites of users that I have on the machine (i.e- ~debian-isp). I was
> wondering how they are finding out which users that I have on the machine
> and was wondering if I could be running services that pose a security
> problem. I only have the following open:
> Port    State       Protocol  Service
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 25      open        tcp        smtp
> 80      open        tcp        http
> 113     open        tcp        auth
> 443     open        tcp        https
> 515     open        tcp        printer
> 3306    open        tcp        mysql
> 6000    open        tcp        X11
> I had a question as to the function of 'auth'.
> I am not quite sure what this does. If someone could give me a heads up.
> Any advice appriciated.

Auth servers are used to determine the "owner" of a specific
connection, more commonly known as identity servers, and essentially 
useless. Some IRC servers use them to make sure you're not IRC'ing as

Some network scanners use ident to determine what services are running as
root, to aid them in a system compromise.

If you need to run identity/auth services at all, use one that can be
configured to return useless information like (*shameless plug*) ident2 at

You can probably safely disable it, though.


Reply to: