Date: Sat, 10 Jul 1999 14:56:40 -0500 From: Chris Costello <chris@calldei.com> To: Mark Murray <mark@grondar.za> Cc: Ben Rosengart <ben@skunk.org>, "Brian F. Feldman" <green@FreeBSD.ORG>, hackers@FreeBSD.ORG Subject: Re: a BSD identd Message-ID: <19990710145640.B57198@holly.dyndns.org> In-Reply-To: <199907101949.VAA14008@gratis.grondar.za>; from Mark Murray on Sat, Jul 10, 1999 at 09:49:12PM %2B0200 References: <199907101949.VAA14008@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jul 10, 1999, Mark Murray wrote: > > I used to run a public shell machine, and one of my users cracked > > someone else's site. Identd made it much easier to figure out who the > > problem user was. > > That represents tiny percentage of identd use. The rest is noise. > > Pidentd+DES _is_ useful in the situation you mention above. It is > on average useless to most security folk, as it can also be used > to obfuscate the problem. Crack root on the box, and identd is no > longer trustworthy. You have an interesting point, however, once a user gains root access, nothing on the machine should be considered trustworthy. -- Chris Costello <chris@calldei.com> If a train station is where the train stops, what is a work station? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990710145640.B57198>