hi ya > >Moral of that story is to make sure that you either run an ident > >server, or set it to REJECT. > > Well, I wouldn´t (and don´t) run identd, since I have no intention of > revealing the name of the user running a particular service (in
if one runs identd... any incoming email address to "[EMAIL PROTECTED]" will get returned/bounced back to the sender as no such user... ( you see a log in maillog etc that they tried to send soemthing ) if you dont run identd... you receive and store that email addressed to fake.... and bounced locally to root/postmaster as non-deliverable locally ?? have fun linuxing alvin http://www.Linux-Sec.net ** ** http://www.Linux10.org .... Linux 10th Anniversary Picnic ... ** > general this will be either your login-name or root), but there are > some interesting other options: > > - accept connections to services like ident (or finger or..) but just > return random garbage. One option for this is via inetd: > - ident stream tcp nowait nobody /bin/dd dd if=/dev/urandom bs=64 \ > count=1 > - or, for ident specifically, use fakeidentd (see freshmeat.net, > excellent software). > > Of course, you would want to log such connections via the > kernel-firewall, just so you´ll now what´s going on. > > cheers, > &rw > -- > -- Renting airplanes is like renting sex: It's difficult to arrange > -- on short notice on Saturday, the fun things always cost more, and > -- someone's always looking at their watch. - Paul Tomblin, asr > ---- > > >
