NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Linux Security Auditing Project> 2001-q1

From: Roman Drahtmueller (drahtsuse.de)
Date: Thu Feb 08 2001 - 12:05:51 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Not quite on the same topic, but is there anything out there that
> actually demands identd to run on the connecting client other than IRC
> servers (sometimes)?

Negative. The protocol is really that useless. The only advantage that you
might have is to see libwrap syslog-entries as userschnick.host if you
trust the host that has been asked, but _only_ if you trust it.
Considering that some of the implementions allow users to have their
config file that is being looked up by the server, it's rendered useless
again if not otherwise configured.
The thread-safe segfault suicide when you try to overflow the input might
be just as useful as the protocol.

>
> Cooper
>

Roman.

-- 
 -                                                                      -
| Roman Drahtmüller      <drahtsuse.de> //          "Caution: Cape does |
  SuSE GmbH - Security           Phone: //       not enable user to fly."
| Nürnberg, Germany     +49-911-740530 // (Batman Costume warning label) |
 -                                                                      -

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]