Geoff Roberts writes:
> By the way, could anyone tell me how identd adds more security across a
> network? I have read comments on dejanews that it has its own security
> problems.
Probably written by people who don't understand its purpose. identd
removes the anonymity of TCP connections coming from a single machine
by allowing the remote end to ask for a magic cookie which, when
presented to the administrator of the machine, will enable them to
identify the user who made the tcp connection. If someone on a
particular machine is misbehaving, this allows the system
administrator to take action.
Unfortunately, some identd's have been badly written so that they
return the username of the user who connected instead of a magic
cookie. Some people have used this feature to gather email addresses,
since Unix typically maintains a one-to-one correspondence between
usernames and email addresses.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
