[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is ident secure?

On Thu, Aug 30, 2001 at 11:14:33PM -0300, Alisson Sellaro wrote:
> I was checking my firewall logs and have detected lots of TCP/113 dropped
> packets. Checking /etc/services I realized it was ident traffic. What do
> you think about such service? Should I let it blocked or should I allow it
> without further security exposure?

honest question: whose business is the name of a user who initiated a
connection??? identd is a horrible concept and elicits shrieks among
the security conscious. i do understand that you need it for this and
that, so install oidentd, which has a feature to return random user
names, but other than that, don't worry about it. ident is a hacker's
friend, not only because nmap can tell everyone who is running the
services behind your open ports. you don't want that.

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
the web site you seek
cannot be located but
endless others exist.

Attachment: pgpuBC27vDcK7.pgp
Description: PGP signature

Reply to: