> > Pidentd+DES _is_ useful in the situation you mention above. It is > > on average useless to most security folk, as it can also be used > > to obfuscate the problem. Crack root on the box, and identd is no > > longer trustworthy. > > You have an interesting point, however, once a user gains root > access, nothing on the machine should be considered trustworthy.
Right - but ident is an "after the fact" tool; one which at the time you really need results is at its least trustworthy. I need that like an extra hole in the head. :-) M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
