On Fri, 9 Mar 2007, Brad Knowles wrote: > So Phil says that he runs a trustworthy IDENT server on his box. > Fine. But plenty of spammers, phishers, and other nefarious types > out there will try to use IDENT as another vector to exploit for use > in breaking into your system, or for tricking you into believing > whatever lies they want you to believe.
This is a common misconception of what IDENT is/was for. IDENT was not intended to provide reliable authentication, as to who owned a connection. Rather, IDENT was a way of providing information such that a sysadmin could figure out later which of their own users had done something bad, or had their account compromised. People then started using it this way, possibly due to the inclusion in tcp wrappers, but as I recall it wasn't the original purpose. In other words, as the recipient I have no reason to trust the string. But if I am on the reciving end of an attack from a multi-user machine and am reporting it to the owner of the machine, I would give them the IDENT data I capture so they can better track what happened on their machine. And even on a non-multi user machine, it could help narrow down what process was compromised. There was at least one IDENT server that would return a seemingly random string, that could be decrypted by the sysadmin to know what the account was without divulging the actual name to the outside. ========================================================== Chris Candreva -- [EMAIL PROTECTED] -- (914) 948-3162 WestNet Internet Services of Westchester http://www.westnet.com/ ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
