Firewall Wizards mailing list archives
identd, revisited
From: ArkanoiD <ark () eltex net>
Date: Fri, 2 Feb 2007 13:37:27 +0300
I remember when i asked if it is useful to make fwtk proxies capable of ident lookups - about 7 years ago i think ;-) i've heared people screaming "no, no, identd is insecure and bad, don't use it!" But what's really wrong with identd? It seems to be a good way to distinguish users on multiuser hosts. Well, doing that via kerberos or ssl certificates may be better, but both require some protocol intervention. So if you do trust host users separation (and if it is compromised at root level no method is good enough anyways), ident info can be used as well. And it is up to you what to do with it. Is ident still being used by anyone besides irc and smtp? _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- identd, revisited ArkanoiD (Feb 02)
- Re: identd, revisited Jim Seymour (Feb 02)
- Re: identd, revisited H. Morrow Long (Feb 02)
- Re: identd, revisited Marcus J. Ranum (Feb 04)
- Re: identd, revisited H. Morrow Long (Feb 02)
- Re: identd, revisited Marcus J. Ranum (Feb 02)
- Re: identd, revisited ArkanoiD (Feb 04)
- Re: identd, revisited ArkanoiD (Feb 04)
- Re: identd, revisited Joshua Hill (Feb 04)
- Re: identd, revisited Jim Seymour (Feb 02)