From owner-freebsd-security Wed Aug 6 12:58:19 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id MAA15902 for security-outgoing; Wed, 6 Aug 1997 12:58:19 -0700 (PDT) Received: from grunt.vl.kharkov.ua (grunt.vl.kharkov.ua [193.124.76.209]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA15880 for ; Wed, 6 Aug 1997 12:57:52 -0700 (PDT) Received: (from news@localhost) by grunt.vl.kharkov.ua (8.8.6/8.8.6) id WAA22261 for dev.null; Wed, 6 Aug 1997 22:56:08 +0300 (EEST) To: freebsd-security@freebsd.org Subject: SUMMARY: identd working? Date: 6 Aug 1997 19:56:07 GMT Message-ID: <5saksn$ln5$1@grunt.vl.kharkov.ua> X-Newsreader: TIN [version 1.2 PL2] X-Via: News-To-Mail v1.0 From: doka@dragon.opera.kharkov.ua (Vladimir Litovka) Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hello! On Wed, 6 Aug 1997, Hoss Firooznia wrote: > > On my system (FreeBSD 2.2.2) don't work identd (pident-2.2.4) I have such > > line in inetd.conf: > > > > ident stream tcp wait root /usr/local/sbin/identd identd -w -t120 > > > > but when connecting to remote side, there is no identification. > > It's possible (but probably unlikely) that your system has been broken > into and your copy of identd has been replaced with a "trojan horse" > program that allows attackers back into your system. I don't think such, because I recently rebuild pident package, and problem is still. This feature happens only with some versions of inetd. For example, inetd, that is in FreeBSD package, work normally. So, this isn't a problem of pidentd, but IMHO problem of inetd. > Below I've included a recent CERT advisory that explains the problem. > Good luck, and I hope this is just a harmless problem with identd and > not something more serious. Thank you. I _think_ that there isn't hacker's wars :-) Vladimir Litovka , UNIX System Administrator Check my resume at http://pasha.tnp.com/~doka ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~NewsGate~ (c) Vladimir Litovka