From owner-freebsd-hackers Sat Jul 10 12:50:51 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.65]) by hub.freebsd.org (Postfix) with ESMTP id 60F9B15194; Sat, 10 Jul 1999 12:50:29 -0700 (PDT) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id VAA14008; Sat, 10 Jul 1999 21:49:12 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <199907101949.VAA14008@gratis.grondar.za> To: Ben Rosengart Cc: "Brian F. Feldman" , hackers@FreeBSD.ORG Subject: Re: a BSD identd Date: Sat, 10 Jul 1999 21:49:12 +0200 From: Mark Murray Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Sat, 10 Jul 1999, Mark Murray wrote: > > > There is the question - what for? identd is of questionable use at best. > > I used to run a public shell machine, and one of my users cracked > someone else's site. Identd made it much easier to figure out who the > problem user was. That represents tiny percentage of identd use. The rest is noise. Pidentd+DES _is_ useful in the situation you mention above. It is on average useless to most security folk, as it can also be used to obfuscate the problem. Crack root on the box, and identd is no longer trustworthy. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message