On 00-12-17 Kevin van Haaren wrote: > Ident questions > ============ > Going through the Securing Debian HOW-TO I don't see a specific > mention either for or against running the ident service (either > through inetd or standalone.) Is there a consensus about if this > service is particularly useful or not? It is useful to identify your users in case of abuse. > Digging around on the internet it mainly seems to be useful for IRC > clients although some mention is made that it can be useful for > preventing users of your system from forging e-mail from your system. It will also be useful if any kind of abuse happens and your logfiles say nothing. If the admin can provide you with the ident-entry from your ident-server, you will still be able to identify the user, but if you have no ident running you will never find out which user abused your server. > As far as security on the system itself it appears mainly to be a > point of DoS attacks, is this a valid evaluation? IRC clients won't Well, depends on your identd configuration. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853
Attachment:
pgpRjfOGuHpmC.pgp
Description: PGP signature