Bugtraq mailing list archives
Re: analysis of auditable port scanning techniques
From: "D. J. Bernstein" <djb () CR YP TO>
Date: Mon, 15 Jan 2001 22:01:17 -0000
Dan Harkless writes:
> Theo de Raadt just informed me via email that OpenBSD fixed their identd to only report SS_CONNECTOUT sockets in 1996.

The MTA and the FTP server and many other daemons will make outgoing TCP connections upon request. This bogus ``fix'' does not achieve the stated goal of keeping the daemon usernames secret. Meanwhile, it wipes out useful logs for some portmap-style protocols. (Rare protocols, I agree.)

The correct approach is to encrypt the uid under a secret key. This has been built into pidentd for years.

---Dan
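
A sketch of what "encrypt the uid under a secret key" can look like in an ident reply, as an added example that is not part of the original message and is not pidentd's code, cipher or token format. HMAC-SHA256 from the Python standard library stands in as keystream and integrity tag; the key, the field layout and the function names are assumptions.

```python
import base64, hashlib, hmac, os, struct

# Constructed demo key; a real server would load a random secret from a root-only file.
SECRET = b"constructed-demo-key-not-for-production"

def _subkey(label):
    # Separate keys for encryption and authentication, derived from SECRET.
    return hmac.new(SECRET, label, hashlib.sha256).digest()

def seal(uid, lport, rport, when, nonce=None):
    """Opaque token the ident server sends in place of a username."""
    nonce = nonce or os.urandom(8)
    plain = struct.pack("!IHHI", uid, lport, rport, when)  # 12 bytes
    stream = hmac.new(_subkey(b"enc"), nonce, hashlib.sha256).digest()
    ct = bytes(p ^ s for p, s in zip(plain, stream))
    tag = hmac.new(_subkey(b"mac"), nonce + ct, hashlib.sha256).digest()[:8]
    return base64.urlsafe_b64encode(nonce + ct + tag).decode()

def unseal(token):
    """Admin side: recover (uid, lport, rport, when); None if forged or garbled."""
    try:
        raw = base64.urlsafe_b64decode(token)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    if len(raw) != 28:
        return None
    nonce, ct, tag = raw[:8], raw[8:20], raw[20:]
    want = hmac.new(_subkey(b"mac"), nonce + ct, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, want):
        return None
    stream = hmac.new(_subkey(b"enc"), nonce, hashlib.sha256).digest()
    return struct.unpack("!IHHI", bytes(c ^ s for c, s in zip(ct, stream)))

def ident_reply(lport, rport, uid, when):
    """RFC 1413 reply line; OTHER marks the user-id field as free-form text."""
    return f"{lport}, {rport} : USERID : OTHER : {seal(uid, lport, rport, when)}"

if __name__ == "__main__":
    # Constructed sample: uid 25 holding local port 6193, connected to remote port 25.
    line = ident_reply(6193, 25, 25, 979596077)
    print(line)
    print(unseal(line.rsplit(" : ", 1)[1]))
```

The remote side can log the token but learns no uid from it, and the local administrator, given a logged token from an abuse report, recovers the uid, port pair and time with `unseal`.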