Re: ircii question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Håkon Alstadheim wrote: s. keeling wrote: Jude DaShiell [EMAIL PROTECTED]: What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? pidentd I would also think something like inetd or xinetd would be good. Identd should not need to run all the time, letting (x)inetd fire it up as needed would be better. Hot tip: consider carefully how much you reveal about your machine through the ident service. Security through obscurity is now offically dead. If someone wants access to your box, because of the absurd bandwidth available to a cracker (botnet, anyone?), they'll just try every xploit in their db, regardless of it's compatibility with your alleged system. You might as well just have ident running, I forward 113 onto my fBSD machine, so my whole network appears to be 6.2-current (yes i'm too lazy to upgrade) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIIUhnLeTfO4yBSAcRAr7OAKChiweZOROjgttqCBxPgknofVLUnwCeNu0y mvn+hJTScF4jmG570RMpvqA= =uTPD -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
On Wed, May 07, 2008 at 04:12:56PM +1000, Rich Healey wrote: If someone wants access to your box, because of the absurd bandwidth available to a cracker (botnet, anyone?), they'll just try every xploit in their db, regardless of it's compatibility with your alleged system. Sure, but how often do they want it *that* bad, when there are heaps of insecure Windows machines out there with a *combined* bandwidth rivalling anything that any single entity would have. You might as well just have ident running, I forward 113 onto my fBSD machine, so my whole network appears to be 6.2-current (yes i'm too lazy Hey, there's no need to give them a helping hand. -- Chris. == One, with God, is always a majority, but many a martyr has been burned at the stake while the votes were being counted. -- Thomas B. Reed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
On Fri, May 02, 2008 at 03:40:42PM -0500, Mumia W.. wrote: Indeed that can be a problem. I have pidentd disabled, but I can use IRC because I've opened port 113 (auth/ident) in my firewall. If the port is closed but accessible, most IRC servers will allow the connection. This is the default for shorewall. Now I understand why I never had troubles with ident. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
ircii question
What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
Jude DaShiell [EMAIL PROTECTED]: What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? pidentd -- Any technology distinguishable from magic is insufficiently advanced. (*)http://blinkynet.net/comp/uip5.html Linux Counter #80292 - -http://www.faqs.org/rfcs/rfc1855.htmlPlease, don't Cc: me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
s. keeling wrote: Jude DaShiell [EMAIL PROTECTED]: What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? pidentd I would also think something like inetd or xinetd would be good. Identd should not need to run all the time, letting (x)inetd fire it up as needed would be better. Hot tip: consider carefully how much you reveal about your machine through the ident service. -- Håkon Alstadheim 47 35 39 38 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
On 05/02/2008 01:16 PM, Håkon Alstadheim wrote: s. keeling wrote: Jude DaShiell [EMAIL PROTECTED]: What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? pidentd I would also think something like inetd or xinetd would be good. Identd should not need to run all the time, letting (x)inetd fire it up as needed would be better. Hot tip: consider carefully how much you reveal about your machine through the ident service. Indeed that can be a problem. I have pidentd disabled, but I can use IRC because I've opened port 113 (auth/ident) in my firewall. If the port is closed but accessible, most IRC servers will allow the connection. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ircii question
Håkon Alstadheim [EMAIL PROTECTED]: s. keeling wrote: Jude DaShiell [EMAIL PROTECTED]: What package or packages need to be installed so when I connect to an irc server I don't get the message Ident is disabled? pidentd I would also think something like inetd or xinetd would be good. Identd should not need to run all the time, letting (x)inetd fire it up as needed would be better. identd is not a very fat app, but you're right. Hot tip: consider carefully how much you reveal about your machine through the ident service. And another one: just lie. Run fauxident instead and have it tell the requestor any damn fool thing you please. In my experience (IRC or CVS servers), this has no repurcussions. The requestors apparently just want an ACK. They don't appear to care whether it's factually accurate or not. Runs fine by inetd too. -- Any technology distinguishable from magic is insufficiently advanced. (*)http://blinkynet.net/comp/uip5.html Linux Counter #80292 - -http://www.faqs.org/rfcs/rfc1855.htmlPlease, don't Cc: me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
