also sprach Martin Fluch (on Fri, 31 Aug 2001 01:02:58PM +0300): > Consider the following situation: You admin a computer and some user > tries to atack an other computer from this one. Then the admin of > the attacked computer can tell _you_, from which user the attack was > coming, which helps you. read my other post on process accounting. whoever the user was, this is information *you* need and information that *you* are responsible for. i want to find all my malicious users, even if the remote admin, who was just sendmail buffer overflowed doesn't know of ident. with process accounting, i can *always* tell you who did something, with ident i might be able to *iff* the local user didn't spoof it, *iff* the remote admin is smart and fast enough, and *iff* ident is allowed through some firewall situation - it might be the remote side... > Identd is IMHO not usefull for other systems but the one it is > running on, but there it can be usefull. well, except i will argue that process accounting solves this aspect far better. any other uses? > Martin me too. :_) martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck -- "it appears that pl/i (and its dialects) is, or will be, the most widely used higher level language for systems programming." -- j. sammet
Attachment:
pgp38CuA7XJna.pgp
Description: PGP signature