From: Jon Hamilton
To: Mark Murray
Cc: Doug, hackers@FreeBSD.ORG
Subject: Re: a BSD identd
In-reply-to: Your message of "Sun, 11 Jul 1999 22:34:09 +0200." <199907112034.WAA17651@gratis.grondar.za>
Date: Sun, 11 Jul 1999 17:15:09 -0500
Message-Id: <19990711221510.E2F55220@woodstock.monkey.net>

In message <199907112034.WAA17651@gratis.grondar.za>, Mark Murray wrote:
} > 1. ident is useful as far as it goes. It shouldn't be trusted as
} > authentication, but it can give you a good idea of where to start when
} > tracking down problem users.
}
} First thing you say to yourself after a compromise is "trust nothing".
} Things like idents can/will/should/are targets.

As has been said over and over, identd isn't useful to track a compromise
of the machine running it, but can be useful if machine A is running it and
hasn't been compromised, and machine A is used to break into machine B. Of
course even then you have to be careful about trusting logs, but in a well
set up environment it's certainly better than nothing. And it's useful for
tracking abuse that's not related to breaking into machines.

[ ... ]

} > 3. Having a built in version of a "real" ident run out of inetd would be
} > *very* welcome by the people that need it. pidentd is a bloated, buggy pig.
}
} Small set of people. Much larger set of dupes who would believe/trust
} this.

While that's true, I'll say again that it's an argument against _abusing_
identd and not an argument against _using_ it. You may not like/want/need
it, but other people do, and not all of them are idiots. Just because
someone else's usage model differs from yours doesn't make their experiences
or desires invalid.

--
Jon Hamilton
hamilton@pobox.com