At 10:51 AM 9/5/00 -0500, [EMAIL PROTECTED] wrote:
>sites of users that I have on the machine (i.e- ~debian-isp). I was
>wondering how they are finding out which users that I have on the machine
>and was wondering if I could be running services that pose a security
>problem. I only have the following open:
Probably they are people who come into contact with some of your customers
and are making educated guesses about URL's. Like, if I got an email from
[EMAIL PROTECTED], there's a good chance that www.foo.com/~joe.schmo exists,
and if I think I'm clever, I might go to it to see what's there. Any user
out on the internet who sees an email address of one of your people has
enough info to try and find their ~userid.
>Port State Protocol Service
>113 open tcp auth
>I had a question as to the function of 'auth'.
>I am not quite sure what this does. If someone could give me a heads up.
IIRC, classically identd. This daemon is useless except for people who do a
lot of unix-box to unix-box work. IRC requires it but mIRC spoofs it
rendering it's usefulness laughable. Save some RAM and remove it.
+-------------------------------------------------------------------+
| -=H E L L - J U S T D O N ' T V O T E F O R G O R E=- |
|=- -=ANYBODY FOR PRESIDENT=- -=|
| George W. Bush Alan Keyes Hey, Atleast They're Not Robots |
|=-- http://www.Keyes2000.com. --=|
+———————————————————————————————————————————————————————————————————+
00000100
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
