Re: Port 113 requests?

[Valdis.Kletnieks () vt edu]

On Thu, 06 Dec 2001 13:31:31 MST, Ryan Russell said:

> That's ident, pretty standard stuff.  It's a protocol designed to allow
> the server machine to query the client for what username and uin is
> connecting to it.  It's intended to be a weak authentication scheme,
> though it's basically useless, since it's info supplied by the client.

*GAAAK*.

No, No, No!

Port 113 AUTH is *not* an authentication protocol.

It has its roots in the older days of the Internet, when most hosts
were still multi-user systems, and not being hijacked every 27 minutes
by the worm du jour.  The intent was that if *MY* system contacted
yours, you could call back and get an identifying string, which was
*NOT* for your use for authentication.

It was a string that *later*, if there was a problem, you would give
back to me, the sysadmin of the *source* machine, and from that,
I would hopefully have an idea which of my users I needed to beat
the snot out of.

Of course, that idea dates back to the quaint notion that there might
be packets on the net that weren't probes/attacks, and that things got
done over the phone: "Hey Joe, could you talk to that user of yours
about his program that went amuck?" "Sure, which user was it?"...

Attachment: _bin
Description: