> The whole point of ident was -- and still is -- to
> authenticate or verify who created a specific TCP connection. If
> the machine is untouched (i.e., has not had the root account
> compromised), then ident responses are usually trustworthy
> enough. It is generally not applicable to single user operating
> systems like Windows, Mac OS, or DOS.
...in other words it is not applicable to the vast majority
of operating systems where it is used.
Where is ident used? Predominantly with IRC, with a minority holding
in tcp_wrappers and mail servers. In a "hard" wrapping environment,
by the time you need ident, it is most likely compromised.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
