also sprach Ethan Benson (on Fri, 31 Aug 2001 03:30:54AM -0800):
> rubbish, if the admin is incompetent enough to be running these things
> as root he will have a cracked box regardless of whether identd is
> running or not.
you have a point, even though there is no need to become offensive!
> and all the zillions of bind exploit attempts i get, they are NEVER
> preceeded by ident queries. your line of reasoning here is completly
> flawed.
it's just one line of reasoning. however, you are arguing pro-ident
for things that i don't need ident for. so for me, that's one fewer
services, one fewer open ports, one fewer entry in the firewall
config. therefore inherently, this is "more secure."
> > that's one of the many other parts of being security-concious...
>
> there is such a thing as going overboard with irrlevant minutia. my
> isp recently thought it would be a good idea to make /home unreadable
> by all its users for `security' reasons, of course this makes
> everyones shell puke when it cannot properly ascertain the pwd so they
> seem to have changed thier minds on this. (that and cat /etc/passwd
> will reveal everything ls -l /home would)
i don't think you understand my method.
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
--
1-800-psych
hello, welcome to the psychiatric hotline.
if you are obsessive-compulsive, please press 1 repeatedly.
PGP signature
