Date: Tue, 21 Nov 2000 14:07:51 -0600 (CST) From: Jeremy Nelson <jnelson@epicsol.org> To: freebsd-chat@freebsd.org Subject: Re: Is any efnet server still running? Message-ID: <200011212007.OAA90752@epicsol.org> In-Reply-To: <200011211848.LAA28165@usr08.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert <tlambert@primenet.com> wrote: >[Requiring ident to use irc is] a security precaution, and is unlikely to >be relaxed, so long as the administrator remains sane. > >The point of ident is to hold the machine administrator responsible >for the actions of users on the machine, by allowing the offending >user to be reported accurately to the administrator of an offending >machine. > >Failure of the administrator to take action will result in the >machine being diked out of the IRC community. This may be true in some contexts, but the benefit of using ident in irc is actually more practical for other reasons. The script kiddies love to use the floodbots that spoof other addresses, especially addresses of people the script kiddie want to get in trouble. Some networks, like the undernet, require a PING/PONG exchange with a random value. But this value might be guessed if you try hard enough. Other networks require that you run an identd daemon because then you have the chance to validate or invalidate all connections made in your name. In the absence of an ident daemon, the server has no way of knowing whether or not the connection is actually from you, or from someone forging your ip address. It isn't technically relevant what your ident daemon returns. The only thing that is relevant is that the server has asked *you* if this is *your* connection and unless you say "yes, this is my connection", it won't let you go any further. This is the best way yet to keep dynamic IP users from crying innocence when a boatload of floodbots show up from their IP address. Jeremy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011212007.OAA90752>