Dear people running identd on machines they value the security of
(oxymoron, eh?):
This is an extension of the "Re: analysis of auditable port scanning
techniques" thread.
This is a patch for pidentd that gives it the option of not returning the
owner of the process bound to a port.
The following patch adds two options to pidentd.

-x commandline or port:exclude option can be used to specifically return
an "INVALID PORT" message
    command line: identd -x21,22,23,79,80
    config file : port:exclude = "21,22,23,79,80"

-X commandline or port:exclude_known option can be used to return an
"INVALID PORT" message to all "known" services that can be found in
/etc/services (getservbyport(3) call)
    command line: identd -X
    config file : port:exclude_known = on

http://www.uberhax0r.net/~optyx/pidentd.exclusion_patch.tar.gz (14kB)
-Optyx, Uberhax0r Communications
http://www.uberhax0r.net - putting bullets in mullets since '97
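
The decision the two options describe, as an added C sketch that is not taken from the patch or from pidentd itself. Assumptions: the function names are hypothetical, the check is applied to the local (server-side) port of the queried pair, the user name is passed in by the caller instead of being looked up, and the error is spelled INVALID-PORT as in the RFC 1413 reply format.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netdb.h>
#include <arpa/inet.h>

/* -x / port:exclude: 1 if port is in a list such as "21,22,23,79,80". */
int port_in_list(const char *list, int port)
{
    const char *p = list;
    if (!p) return 0;
    while (*p) {
        char *end;
        long v = strtol(p, &end, 10);
        /* accept only whole entries, so "210" or "21x" never match 21 */
        if (end != p && (*end == ',' || *end == '\0') && v == port)
            return 1;
        p = strchr(end, ',');   /* skip to the next entry, if any */
        if (!p) break;
        p++;
    }
    return 0;
}

/* -X / port:exclude_known: 1 if /etc/services names a TCP service here. */
int port_is_known(int port)
{
    return getservbyport(htons((unsigned short)port), "tcp") != NULL;
}

/* Build the ident reply line; returns 1 when the owner was withheld. */
int ident_reply(char *out, size_t n, int lport, int fport,
                const char *exclude, int exclude_known, const char *user)
{
    if (port_in_list(exclude, lport) || (exclude_known && port_is_known(lport))) {
        snprintf(out, n, "%d , %d : ERROR : INVALID-PORT\r\n", lport, fport);
        return 1;
    }
    snprintf(out, n, "%d , %d : USERID : UNIX : %s\r\n", lport, fport, user);
    return 0;
}

int main(void)
{
    char buf[128];
    /* constructed queries: a listed port, then an unlisted one */
    ident_reply(buf, sizeof buf, 23, 6191, "21,22,23,79,80", 0, "root");
    fputs(buf, stdout);
    ident_reply(buf, sizeof buf, 6193, 23, "21,22,23,79,80", 0, "alice");
    fputs(buf, stdout);
    return 0;
}
```

With exclude_known set, the result depends on the local services database, so the same query can be answered on one host and refused on another.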