On Thu, Mar 16, 2000 at 10:07:37PM +0000, Tim Haynes wrote:

> Alternatively, people might filter based on different incoming host, network
> or interface[1]; if it's from a site I trust I might allow it for speed and/or
> identity "checking" if required; if I'm not sure about them I might let them
> through to tcp wrappers so an incoming request sparks a scan/finger straight
> back whence it came; otherwise I might just DENY altogether.

 True.  However, IIRC the docs for identd say not to put identd behind tcpd,
because if two computers do this, and then one tries to ident the other one,
you've got a packet storm brewing.

