the ident protocol (was about risk linked to long list in /etc/services)

To: debian-user <debian-user@lists.debian.org>
Subject: the ident protocol (was about risk linked to long list in /etc/services)
From: "Paul Dufresne" <dufresnep@gmail.com>
Date: Sat, 30 Aug 2008 22:03:23 -0400
Message-id: <[🔎] 10b8339f0808301903l7e898e09t500e3bf0982735a6@mail.gmail.com>

It appears that I did not read correctly the report of rkhunter about
the warning linked to inetd.

It goes like this:
[08:17:19] Info: Using inetd configuration file '/etc/inetd.conf'
[08:17:19]   Checking for enabled inetd services             [ Warning ]
[08:17:19] Warning: Found enabled inetd service: ident

Here an extract of http://www.faqs.org/rfcs/rfc1413.html (about ident
protocol which seems active):
An Identification server may reveal information about users,
   entities, objects or processes which might normally be considered
   private.  An Identification server provides service which is a rough
   analog of the CallerID services provided by some phone companies and
   many of the same privacy considerations and arguments that apply to
   the CallerID service apply to Identification.  If you wouldn't run a
   "finger" server due to privacy considerations you may not want to run
   this protocol.

I was not aware that web site could read my login name.
I will indeed probably deactivate it.

Reply to:

Prev by Date: Re: Debian on Dell Inspiron 640m
Next by Date: XDMCP Capable Login Managers
Previous by thread: dictionaries-common install problems again
Next by thread: XDMCP Capable Login Managers
Index(es):
- Date
- Thread