Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Port 113 requests?

From: Helmut Springer <delta () FaVeVe Uni-Stuttgart de>
Date: Fri, 7 Dec 2001 19:12:57 +0100
On Thu 2001-12-06 (13:31), Ryan Russell wrote:

uin is connecting to it.  It's intended to be a weak
authentication scheme, though it's basically useless, since it's
info supplied by the client.


As one will see this quite often, the recent rfc1413 defining it is
worth reading (and nice to read).  Obsoleting rfc931 it renames the
protocol from "Authentication" to "Identification Protocol".

Primary purpose nowadays IMHO is to provide the admin of the system
running identd with information if someone having done ident lookups
contacts him.  Or set up things in cooperation, since as pointed out
the information is just as trustworthy as the answering system (and
the link, ok).  BTW: identd may reply with crypted tokens as well.

-- 
MfG/best regards, helmut springer           "Freedom's just another word
                                             for nothing left to lose"

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: