I am confused about what the ident daemon does.
"Rute User's tutorial" identifies it as a possible security hole. Is it?
A few days ago messages like "identd: started" started showing in my
syslog, and seeing there had been some kind of expoit, I updated the
package. Following the readme, I replaced the "ident" line in inet.conf
with an "auth" line. This seemed necessary in order to bring IP
masquerading up to speed. I wonder why.
In the ident2 package readme, it says IP masquerading is not supported
but that essentially (?) the same results can be obtained by sending
random replies, so I entered the random option in the inet.conf command
line. Well, today my auth log records random replies being
sent to some IP I don't know. This is what's supposed to happen, right?
- Re: identd
- From: "s. keeling" <email@example.com>