On Thu, Mar 16, 2000 at 02:19:53PM -0800, Brian Kimball wrote:
> Peter Cordes wrote:
>
> > This isn't specific to identd, but I'm wondering why you would bother
> > filtering the port instead of just not running identd? (I assume you would
> > have/do turn off identd in /etc/inetd.conf as well a
On Thu, Mar 16, 2000 at 10:07:37PM +, Tim Haynes wrote:
> Alternatively, people might filter based on different incoming host, network
> or interface[1]; if it's from a site I trust I might allow it for speed and/or
> identity "checking" if required; if I'm not sure about them I might let them
Peter Cordes wrote:
> This isn't specific to identd, but I'm wondering why you would bother
> filtering the port instead of just not running identd? (I assume you would
> have/do turn off identd in /etc/inetd.conf as well as using doing port
> filtering.) I've never really understood why people
Yes, the best policy is always to disable anything on your machine that
you're not using. Those you _are_ using, you then filter the crap out of.
Personally, my workstation-type machines only listen on port 6000 (X), 22
(ssh), and occasionally ftp and tftp if I need them for a specific
purpose
On Thu, Mar 16, 2000 at 05:58:00PM -0400, Peter Cordes wrote:
> This isn't specific to identd, but I'm wondering why you would bother
> filtering the port instead of just not running identd? (I assume you would
> have/do turn off identd in /etc/inetd.conf as well as using doing port
> filtering.)
On Thu, Mar 16, 2000 at 04:39:05PM +, Tim Haynes wrote:
> For most (home) purposes it's best to make it REJECT instead of DENY, if you
> choose to block it, so that e.g. remote FTP sites don't have to wait for a
> timeout before letting you in.
This isn't specific to identd, but I'm wonderin
On Thu, 16 Mar 2000, Fredrik Liljegren wrote:
> > i'd turn auth off for security reasons if your box has a direct
> > connection to internet.
> Many people misunderstand the usefulness of identd, and so disable it or
> block all off site requests for it. identd is not there to help out remote
> sit
On Thu, Mar 16, 2000 at 03:01:40PM +, Mark Brown wrote:
> On Thu, Mar 16, 2000 at 03:45:50PM +0100, Ivan Ivanovic wrote:
>
> > On my Slink placed on Inernet often appears auth port connection attempts
> > from various sites... What (common) application needs this port?
>
> The auth port pro
On Thu, Mar 16, 2000 at 03:45:50PM +0100, Ivan Ivanovic wrote:
> On my Slink placed on Inernet often appears auth port connection attempts
> from various sites...
> What (common) application needs this port?
The auth port provides a facility for a remote machine to identify who's
on your end
> irc server make ident connections to clients.
> squid can use ident for authorization.
> sendmail sometimes uses ident.
>
> maybe you want to read rfc1413.
>
> i'd turn auth off for security reasons if your box has a direct
> connection to internet.
Hmm, that's an easy approach, but from Secur
On Thu, 16 Mar 2000, Ivan Ivanovic wrote:
> On my Slink placed on Inernet often appears auth port connection attempts
> from various sites...
> What (common) application needs this port?
irc server make ident connections to clients.
squid can use ident for authorization.
sendmail sometimes us
In message <[EMAIL PROTECTED]>, Alexa
nder Hvostov writes:
>MD5 as an algorithm supports a theoretically infinitely sized password (or
>other string), though of course it becomes less secure as the string's
>size increases. That said, I think the maximum password length supported
>by glibc (and, th
On my Slink placed on Inernet often appears auth port connection attempts
from various sites...
What (common) application needs this port?
P. S. V. P. U.
http://www.pobox.sk/
Ethan,
MD5 as an algorithm supports a theoretically infinitely sized password (or
other string), though of course it becomes less secure as the string's
size increases. That said, I think the maximum password length supported
by glibc (and, thus, PAM) is 128 bytes long.
Indeed, PAM is a potato th
On Wed, Mar 15, 2000 at 07:18:21PM -0600, Kama Lar wrote:
> On Wed, Mar 15, 2000 at 04:18:43PM -0700, Kevin wrote:
> > I find my rather upset that by default slink only allows a password length
> > of 7 characters max. Unfortunately I am not sure how to change it, and
>
> [clipped for sake of bre
On Wed, Mar 15, 2000 at 04:18:43PM -0700, Kevin wrote:
> I find my rather upset that by default slink only allows a password length
> of 7 characters max. Unfortunately I am not sure how to change it, and
[clipped for sake of brevity]
Enable md5 in /etc/pam/passwd, and in /etc/login.defs
Curt
16 matches
Mail list logo
