Hi Andrew, On 13-May-00, you wrote:
> Now, when I went there, the URL said that I should NOT have the INETD
> open.
I think you mean identd. Notice the difference :)
> I am just mentioning this, as it *IS* a problem.
No, it's *not* really a problem.
> Would someone more understanding of what it is all about mind explaing the
> INETD?
inetd is a program which processes incoming "calls" to your machine on
various ports and passes it on to the appropriate program.
However what I THINK you are referring to is the ident port. This is a port
which allows authentication of which user on a system has initiated a
connection (for example to an IRC server). Now it doesn't have an awful
lot of meaning in the context of a single-user (or home) system like your
Amiga, it's more significant really on multiuser Unix boxes or similar
where there may be many people logged on and able to open connections to
other machines.
Nevertheless IRC servers like to use authentication. Generally speaking if
you DON'T allow it then you'll be let onto most servers but it may take
longer to log on or potentially some might deny you access.
You may have a separate ident server program running via inetd, or you (more
likely) may be running the built-in one in AmIRC. Either way, disable it
if you want. But there's no real reason to, and there are no known
security holes in AmIRC's identd AFAIK. Sites which warn you that this is
a big security risk and you should not have the port open are being
excessively paranoid and also causing unnecessary worry to people like
yourself.
I haven't read the article you are referring to but I'll try my best to
explain the following hopefully in the right context:
> 'spoofing packets'
When one computer on the internet sends some data to another, it sends it in
lumps called "packets" which can be thought of as a bit like letters -
they have the address of the originating computer and the address of the
destination computer on them. However, it's possible to "spoof" as another
computer - in other words send a packet to a computer which doesn't have
*your* originating address on, it has the address of some other computer.
In some circumstances this can be used to get past firewalls and other
security measures. For example, say there was a Unix computer (1.2.3.4)
configured only to allow logins from other hosts on it's own network (i.e.
1.2.*.*). A foreign computer (5.4.3.2) could potentially manage to get
access by sending appropriate packets which were "spoofed" to appear to
come from (say) 1.2.5.6.
> 'using virtual hosts'
Not entirely sure what context this terms is being used in so I'll leave it
for now.
> 'few icmp request or ping floods'
ICMP packets are a type of packet used when pinging or tracerouting a
computer. However they can be abused - if you have a computer on a fast
network connection and you send huge quantities of ICMP (or other) packets
to a computer on a modem dialup, the dialled-in computer will get clogged
up with all these (junk) packets and so although no actual damage is being
caused the internet connection will appear to "die" as the person on the
dialup will struggle to get any "real" packets through due to the mass of
junk ones flooding it. This can be alleviated somewhat by refusing to
reply to the junk packets.
Hope that helps. If I've made any mistakes in interpretation of context I'm
sure someone will correct me.
Tim
_____________________________________________________________
NetConnect mailing list. To unsubscribe, send an 'unsubcribe'
message to <[EMAIL PROTECTED]>
