Re: Is ident secure?
slightly off topic ... but identd is pretty insecure ...
directly copied from the nmap man page ....
As noted
by Dave Goldsmith in a 1996 Bugtraq post, the ident
protocol (rfc 1413) allows for the disclosure of
the username that owns any process connected via
TCP, even if that process didn't initiate the con
nection. So you can, for example, connect to the
http port and then use identd to find out whether
the server is running as root. This can only be
done with a full TCP connection to the target port
(i.e. the -sT scanning option). When -I is used,
the remote host's identd is queried for each open
port found. Obviously this won't work if the host
is not running identd.
for some odd reason, I've noticed that when I tell oidentd to bind itself to
port 113, it seem prevent this "problem". (Amazingly its still works for
legit identd requests) Identd is pretty crappy, however major IRC networks
like EFnet will require because less abuse comes from clients with identd.
(unless you get lucky and run into an open I:Line server that doesn't need
identd.)
Sunny Dubey
Reply to: