On Saturday 17 November 2007 22:35, Amos Shapira wrote: > On 16/11/2007, Geoffrey S. Mendelson <[EMAIL PROTECTED]> wrote: > > In the Internet as people would like it to be, identd runs and returns > > information about the host computer and the user. > > I'd change that to "In the Internet as stupid admins would like it to > be". Identd is the stupidest security-related protocol and had I not > seen it keep being mentioned for almost 20 years I wouldn't have > believed it still being used for anything else but waste of time and > network bandwidth. > > Does anyone here run an identd server or trust its replies?
No. Identd is a security breach, especially if open to the world. Also, the current identd daemons can reply with whatever you want if you use a .file in your home directory, which tells it how to respond instead of giving out your username. Identd makes as much sense now as finger @host does. --Ariel -- Ariel Biener e-mail: [EMAIL PROTECTED] PGP: http://www.tau.ac.il/~ariel/pgp.html ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
