[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Confused



On Thu, 16 Aug 2001 10:58:37 +0200, Michael Wood writes:
>> Simply put something along the lines of
>>  auth stream tcp nowait nobody /bin/dd dd if=/dev/urandom bs=32 count=1
>> in inetd.conf, this will not break anything, leave programs
>> that depend on some auth-answer happy, and doesn?t open any
>> security-holes (that I?m aware of, someone correct me if I?m
>> wrong).
>
>hmmm... well, it might break insecure programs connecting to
>your "ident" server.  Also, you're wasting the entropy in your
>random number generator.  Why not just "cat blah" or something
>instead?

sure, where I´m worried about the entropy I just generate a file, for 
 example there´s

waldner@ka:~$ ls -al /home/apache/default.ida
-rw-rw-r-- 1 waldner waldner 10240119 Jul 19 19:34 /home/apache/default.ida

Some friends of mine swear by cat´ing their kernel-sources, some by
 /dev/zero. But personally I think that /dev/urandom provides most fun 
 ;-) , although the following is nice, too:

ident stream tcp nowait nobody /usr/bin/nc nc www.microsoft.com 80

Imagine the confusion of the script-kiddies... (and yes, I know that 
 with doing that an open proxy for www.microsoft.com is created, this is 
 just an example, don´t use it like that)

cheers,
&rw
-- 
/ Ing. Robert Waldner |  <r.waldner@xsoft.at>  \
\     Xsoft GmbH      | T: +43 1 796 36 36 692 /


Attachment: pgpci5XNd0my0.pgp
Description: PGP signature


Reply to: