Security Incidents mailing list archives
Re: Port 113 requests?
From: Valdis.Kletnieks () vt edu
Date: Fri, 07 Dec 2001 06:08:36 -0500
On Thu, 06 Dec 2001 13:31:31 MST, Ryan Russell said:
That's ident, pretty standard stuff. It's a protocol designed to allow the server machine to query the client for what username and uin is connecting to it. It's intended to be a weak authentication scheme, though it's basically useless, since it's info supplied by the client.
*GAAAK*. No, No, No! Port 113 AUTH is *not* an authentication protocol. It has its roots in the older days of the Internet, when most hosts were still multi-user systems, and not being hijacked every 27 minutes by the worm du jour. The intent was that if *MY* system contacted yours, you could call back and get an identifying string, which was *NOT* for your use for authentication. It was a string that *later*, if there was a problem, you would give back to me, the sysadmin of the *source* machine, and from that, I would hopefully have an idea which of my users I needed to beat the snot out of. Of course, that idea dates back to the quaint notion that there might be packets on the net that weren't probes/attacks, and that things got done over the phone: "Hey Joe, could you talk to that user of yours about his program that went amuck?" "Sure, which user was it?"...
Attachment:
_bin
Description:
Current thread:
- Port 113 requests? Michael Ward (Dec 06)
- Re: Port 113 requests? Chris Wilkes (Dec 06)
- Re: Port 113 requests? Ryan Russell (Dec 06)
- Re: Port 113 requests? Helmut Springer (Dec 07)
- Re: Port 113 requests? Valdis . Kletnieks (Dec 07)
- Re: Port 113 requests? Ryan Russell (Dec 07)
- <Possible follow-ups>
- RE: Port 113 requests? Slighter, Tim (Dec 06)
- RE: Port 113 requests? Ryan McDonnell (Dec 07)
- RE: Port 113 requests? Andrew Leonard (Dec 07)
- RE: Port 113 requests? Todd Suiter (Dec 07)
- Re: Port 113 requests? Helmut Springer (Dec 07)
- Re: Port 113 requests? Crist J . Clark (Dec 07)
- Re: Port 113 requests? Greg A. Woods (Dec 07)
- Re: Port 113 requests? Paul Cardon (Dec 07)
- Re: Port 113 requests? Mike Meredith (Dec 07)
(Thread continues...)