On Thu, 16 Aug 2001 10:58:37 +0200, Michael Wood writes:
>> Simply put something along the lines of
>> auth stream tcp nowait nobody /bin/dd dd if=/dev/urandom bs=32 count=1
>> in inetd.conf, this will not break anything, leave programs
>> that depend on some auth-answer happy, and doesn't open any
>> security-holes (that I'm aware of, someone correct me if I'm
>> wrong).
>
>hmmm... well, it might break insecure programs connecting to
>your "ident" server. Also, you're wasting the entropy in your
>random number generator. Why not just "cat blah" or something
>instead?

sure, where I'm worried about the entropy I just generate a file, for
example there's

waldner@ka:~$ ls -al /home/apache/default.ida
-rw-rw-r-- 1 waldner waldner 10240119 Jul 19 19:34 /home/apache/default.ida

Some friends of mine swear by cat'ing their kernel-sources, some by
/dev/zero. But personally I think that /dev/urandom provides most
fun ;-) , although the following is nice, too:

ident stream tcp nowait nobody /usr/bin/nc nc www.microsoft.com 80

Imagine the confusion of the script-kiddies...
(and yes, I know that with doing that an open proxy for www.microsoft.com
is created, this is just an example, don't use it like that)

cheers,
&rw
--
/ Ing. Robert Waldner | <r.waldner@xsoft.at> \
\ Xsoft GmbH | T: +43 1 796 36 36 692 /