Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 11 Jul 1999 17:15:09 -0500
From:      Jon Hamilton <hamilton@pobox.com>
To:        Mark Murray <mark@grondar.za>
Cc:        Doug <Doug@gorean.org>, hackers@FreeBSD.ORG
Subject:   Re: a BSD identd 
Message-ID:  <19990711221510.E2F55220@woodstock.monkey.net>
In-Reply-To: Your message of "Sun, 11 Jul 1999 22:34:09 %2B0200." <199907112034.WAA17651@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help 

In message <199907112034.WAA17651@gratis.grondar.za>, Mark Murray wrote:
} > 1. ident is useful as far as it goes. It shouldn't be trusted as
} > authentication, but it can give you a good idea of where to start when
} > tracking down problem users. 
} 
} First thing you say to yourself after a compromise is "trust nothing".
} Things like idents can/will/should/are targets.

As has been said over and over, identd isn't useful to track a compromise
of the machine running it, but can be useful if machine A is running it
and hasn't been compromised, and machine A is used to break into machine
B.  Of course even then you have to be careful about trusting logs, but
in a well set up environment it's certainly better than nothing.  And
it's useful for tracking abuse that's not related to breaking into machines.

[ ... ]

} > 3. Having a built in version of a "real" ident run out of inetd would be
} > *very* welcome by the people that need it. pidentd is a bloated, buggy pig.
} 
} Small set of people. Much larger set of dupes who would believe/trust
} this.

While that's true, I'll say again that it's an argument against _abusing_
identd and not an argument against _using_ it.  You may not like/want/need
it, but other people do, and not all of them are idiots.  Just because
someone else's usage model differs from yours doesn't make their experiences
or desires invalid.

-- 
   Jon Hamilton  
   hamilton@pobox.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990711221510.E2F55220>