also sprach Christian Kurz (on Fri, 31 Aug 2001 10:12:31AM +0200): > > honest question: whose business is the name of a user who initiated a > > connection??? > > It can be some sort of help if you have a system with lots of users and > complainments about one. Some admins may be able to send you the logged > ident information and if you then can trust you ident server, you get a > nice hint to the user, who is responsible. But this depends heavily on > the fact, if you can be sure that your ident server hasn't been > modified/replaced. process accounting. process accounting. > > identd is a horrible concept and elicits shrieks among > > the security conscious. i do understand that you need it for this and > > Would you mind explaining that statement? it's in my other post. ident is an easy way to establish whether e.g. named is running as root so as to properly target attacks. > > names, but other than that, don't worry about it. ident is a hacker's > > friend, not only because nmap can tell everyone who is running the > > services behind your open ports. you don't want that. > > No, that's a wrong statement. Ident doesn't necessarily tell you > anything about the user. it tells you the uid. for root, that's 'root' and that's pretty damn sensitive information right there... martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck -- riesco a leggerti i pensieri. dovresti vergognarti.
Attachment:
pgpAhVCkw7sLz.pgp
Description: PGP signature