From owner-freebsd-security Mon Feb 4 21:37:46 2002 Delivered-To: freebsd-security@freebsd.org Received: from addu.axelero.hu (mail02.axelero.hu [195.228.240.77]) by hub.freebsd.org (Postfix) with ESMTP id 09F8F37B41C for ; Mon, 4 Feb 2002 21:37:41 -0800 (PST) Received: from Picasso.Zahemszky.HU (adsl-28-79.adsl-pool.axelero.hu [62.201.79.28]) by mail02.axelero.hu (iPlanet Messaging Server 5.1 (built Jan 30 2002)) with ESMTP id <0GR100NI9OYR1K@mail02.axelero.hu> for freebsd-security@freebsd.org; Tue, 05 Feb 2002 06:37:39 +0100 (MET) Received: (from zgabor@localhost) by Picasso.Zahemszky.HU (8.11.6/8.11.6) id g155ehg00270 for freebsd-security@freebsd.org; Tue, 05 Feb 2002 06:40:43 +0100 (CET envelope-from zgabor) Date: Tue, 05 Feb 2002 06:40:43 +0100 From: Zahemszky =?iso-8859-1?Q?G=E1bor?= Subject: Re: Port 113 Traffic In-reply-to: <20020204200906.5559b083.resopmok@gramsc1.dyndns.org> To: freebsd-security@freebsd.org Message-id: <20020205054043.GA210@Picasso.Zahemszky.HU> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.3.27i References: <200202041914.g14JEiM74583@dc.cis.okstate.edu> <20020204202532.P34448@heresy.dreamflow.nl> <20020204200906.5559b083.resopmok@gramsc1.dyndns.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Feb 04, 2002 at 08:09:06PM -0500, Chris Thomas wrote: > Hi folks- > > If i might make suggestions that will both fulfill security concerns and > provide identd services. I ran across a program on freshmeat called > bsidentd (http://freshmeat.net/projects/bsidentd/) which will provide a > random auth response each time it is queried. It does not interact with > user processes, yet prevents programs such as sendmail from hanging during > auth query and allows services such as IRC, while at the same time > protecting valuable information about user names. Hi! And what about the FBSD's inetd's builtin identd (auth) and the -g option? man inetd: Currently, the only internal service to take arguments is ``auth''. Without options, the service will always return ``ERROR : HIDDEN-USER''. The available arguments to this service that alter its behavior are: -g Instead of returning the user's name to the ident requester, report a username made up of random alphanumeric characters, e.g. ``c0c993''. The -g flag overrides not only the user names, but also any fallback name, .fakeid or .noident files. Bye, ZGabor < Gabor at Zahemszky dot HU > -- #!/bin/ksh Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message