Port 113/identd is used more on IRC (chat) than in normal production..
..but TCP wrappers and other services are able to use it..
Pros of identd:
- When making a connection out of a machine into another machine, identd
is used to tell the remote machine what user you were initially. It
makes tracking people across multiple machines easier because you no
longer have to look through logs to find out who may have been online
at the time of a hacking incident out of your box to another because
syslog shows the userid.
Cons:
Yet another open port to worry about.. and yes, it runs as root.
- Aaron Schultz
- [EMAIL PROTECTED]
------
On Tue, 18 Jul 2000, Rogier Maas wrote:
> Luiz Eduardo Iadocicco wrote:
> >
> > Excuse me but somebody knows about the consequences of turning off this port (
>port 113 ). I have a filter that not leaving this port to pass and I don�t get notice
>the consequences .
> >
> > thank you
> >
> > Luiz Eduardo
> >
>
> That's the third time I see a question about that port. It's not really
> obvious what ident (that's on port 113) does. If I disable it (rfs), my
> logs tell me: "Unable to get canonical name of client, err=2". If I drop
> the packets, the wait is a little longer, but the message seems to be
> the same. If I turn it on (accpt), and clients connect, say on port 110
> (pop3) without the ident-service, I get the same errormsg.
>
> So it's not really obvious to me what ident is good for. To me it's good
> for nothing, but of course, I could be wrong.
>
> Rogier
> --
> Jbj. Gung'f ernyyl pyrire
> bs lbh! Unccl abj? ;-)
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
