Bugtraq mailing list archives

Re: ANNOUNCE: secure identd v0.3


From: pb () INSECURITY NET (Paul Boehm)
Date: Tue, 15 Sep 1998 20:56:58 +0200


On Tue, Sep 15, 1998 at 01:17:33PM -0400, Wietse Venema wrote:
This will not overflow, but in return for that, it will cause the
program to consume arbitrary amounts of memory. How many sident
processes does it take to run the machine out of swap space? On
some systems one sident process will suffice, on others as many as
swap/rlimit.

thanks for the report, i fixed that in 0.5 which is
available under http://insecurity.net/sidentd.tar.gz

ChangeLog since the last announced version:

# ChangeLog:
# v0.5 Sep 15 '98 - Reads only at most 20 chars from STDIN, then halfcloses the
#                   socket to prevent memory junkflooding,
#                                      (suggested by wietse venema)
#
# v0.4 Sep 15 '98 - Added security check for $uid (suggested by kevin vajk)
#                   Added char restriction to fakeunames,
#                   Added code to prevent users from faking other users.
#                   Added new commandline params for new features.
#                   Commandline args now toggle instead of set to fixed value.
#                   Checks for /proc/net/tcp and reports when incompatible.

with 0.5 sidentd no longer trusts anyone.. not even /proc,
so i think i can say it's stable now. (phew)

i'll add optional proxy-through identd support for masquerading hosts into
one of the next versions. sidentd will be renamed soon to "Sid" to prevent
naming confusions. the pidentd like DES support some people wanted seems
a bit far away, sorry... (or maybe there's a perl module for it.. gotta
look sometime)

bye,
    paul

PS: my english isn't as bad as the changelog suggests, i just tried to fit
    everything in one line.

PPS: check http://insecurity.net/ for newer versions from time to time.

--

[ Paul S. Boehm | paul () boehm priv at | http://paul.boehm.org/ | infected@irc ]

      Linux is like a wigwam - no windows, no gates, apache inside!



Current thread: