-----BEGIN PGP SIGNED MESSAGE----- On Friday 07 Mar 2003 12:59 am, Bill wrote:
> should identd be installed, or is it a security risk? These days it's really not important. When I was working at a Unversity back in 92-94 we installed it on our big Ultrix computing servers so we could have some way of identifying users making connections for auditing purposes, but these days with single user systems you can't really rely on it. Remember, the main reason for installing an IDENT/AUTH service is to help you when someone comes to you and says "we had a connection from machine X and your AUTH server said it was 'blah'". Also remember that IDENT/AUTH servers do not have to return a username, they can quite happily return some sort of token that you can then tie back into a user. Crackers tend to look for these services because they can then do a reverse-ident to figure out what the service they connected to is running as. For instance - a cracker connects from his own machine a web server. Whilst that connection is still up he then connects to the IDENT/AUTH server on the web server and asks who is the user behind the connection *from* the web server to his own box. The IDENT/AUTH server will then give away the UID of the owner (unless it is configured to return some sort of obscure token), so they can tell if it's running as apache, httpd or as their preferred target, root. cheers! Chris - -- Chris Samuel : http://csamuel.org/ : Wollongong, NSW -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBPmmiAI1yjaOTJg85AQHXPwgAoQfD5+ahca8gR70/x5eagRcNSnSdZHCc PSlGRmhb7B2zAVhclDhOTzFk+zzpswwG9jAZO0O4UtK42nwl3D0wdnyNr/Nyh6Eg YgYa+USgkEBnq/ACK8paPHjt4MFaCcw9UmYQerZXbxh/+dF1fa0lAB6u38dLNs1E zbSigeDNKT9BVg2VdMDnB/Pfom/g1LqUacc+KpwVmCG9PE5MMiDmivl+WthudKtQ YLvNQGApdz4XPBSagtOIB+8q2+SH7Haz3j6Vk3SoqxFiKLHlBBb2MzsipDals4pH f0GfynuBoLQu4ZyDytaMFFTM4YciKXhtWuAV2jnhyNjBApz3mgCTNg== =cTiT -----END PGP SIGNATURE----- -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
