From owner-freebsd-hackers  Sat Jul 10 12:50:51 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.65])
	by hub.freebsd.org (Postfix) with ESMTP
	id 60F9B15194; Sat, 10 Jul 1999 12:50:29 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grondar.za (localhost [127.0.0.1])
	by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id VAA14008;
	Sat, 10 Jul 1999 21:49:12 +0200 (SAST)
	(envelope-from mark@grondar.za)
Message-Id: <199907101949.VAA14008@gratis.grondar.za>
To: Ben Rosengart <ben@skunk.org>
Cc: "Brian F. Feldman" <green@FreeBSD.ORG>, hackers@FreeBSD.ORG
Subject: Re: a BSD identd 
Date: Sat, 10 Jul 1999 21:49:12 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> On Sat, 10 Jul 1999, Mark Murray wrote:
> 
> > There is the question - what for? identd is of questionable use at best.
> 
> I used to run a public shell machine, and one of my users cracked
> someone else's site.  Identd made it much easier to figure out who the
> problem user was.

That represents tiny percentage of identd use. The rest is noise.

Pidentd+DES _is_ useful in the situation you mention above. It is
on average useless to most security folk, as it can also be used
to obfuscate the problem. Crack root on the box, and identd is no
longer trustworthy.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message