On Thu, 16 Aug 2001 10:58:37 +0200, Michael Wood writes:
>> Simply put something along the lines of
>> auth stream tcp nowait nobody /bin/dd dd if=/dev/urandom bs=32 count=1
>> in inetd.conf, this will not break anything, leave programs
>> that depend on some auth-answer happy, and doesn?t open any
>> security-holes (that I?m aware of, someone correct me if I?m
>> wrong).
>
>hmmm... well, it might break insecure programs connecting to
>your "ident" server. Also, you're wasting the entropy in your
>random number generator. Why not just "cat blah" or something
>instead?
sure, where I�m worried about the entropy I just generate a file, for
example there�s
waldner@ka:~$ ls -al /home/apache/default.ida
-rw-rw-r-- 1 waldner waldner 10240119 Jul 19 19:34 /home/apache/default.ida
Some friends of mine swear by cat�ing their kernel-sources, some by
/dev/zero. But personally I think that /dev/urandom provides most fun
;-) , although the following is nice, too:
ident stream tcp nowait nobody /usr/bin/nc nc www.microsoft.com 80
Imagine the confusion of the script-kiddies... (and yes, I know that
with doing that an open proxy for www.microsoft.com is created, this is
just an example, don�t use it like that)
cheers,
&rw
--
/ Ing. Robert Waldner | <[EMAIL PROTECTED]> \
\ Xsoft GmbH | T: +43 1 796 36 36 692 /
PGP signature
