[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: information question

At 10:51 AM 9/5/00 -0500, debian-isp@ghost.net.cfw.com wrote:
>sites of users that I have on the machine (i.e- ~debian-isp). I was
>wondering how they are finding out which users that I have on the machine
>and was wondering if I could be running services that pose a security
>problem. I only have the following open:

Probably they are people who come into contact with some of your customers
and are making educated guesses about URL's.  Like, if I got an email from
joe.schmo@foo.com, there's a good chance that www.foo.com/~joe.schmo exists,
and if I think I'm clever, I might go to it to see what's there.  Any user
out on the internet who sees an email address of one of your people has
enough info to try and find their ~userid.

>Port    State       Protocol  Service
>113     open        tcp        auth
>I had a question as to the function of 'auth'.
>I am not quite sure what this does. If someone could give me a heads up.

IIRC, classically identd.  This daemon is useless except for people who do a
lot of unix-box to unix-box work.  IRC requires it but mIRC spoofs it
rendering it's usefulness laughable.  Save some RAM and remove it.

|     -=H E L L - J U S T  D O N ' T  V O T E  F O R  G O R E=-     |
|=-                     -=ANYBODY FOR PRESIDENT=-                 -=|
| George W. Bush     Alan Keyes     Hey, Atleast They're Not Robots |
|=--                  http://www.Keyes2000.com.                  --=|


Reply to: