Re: Identd DoS Attacks
From: Peter H. Lemieux (phl@cyways.com)Date: 10/22/01
- Previous message: Patrick Ohnewein: "Re: SSH security"
- Maybe in reply to: Nick Sugiero: "Identd DoS Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3BD42F3F.3446EDC6@cyways.com> Date: Mon, 22 Oct 2001 10:37:51 -0400 From: "Peter H. Lemieux" <phl@cyways.com> To: focus-linux@securityfocus.com Subject: Re: Identd DoS Attacks
I use fakeidentd (http://hangout.de/fakeidentd/) to answer auth
requests. It runs as a standalone daemon, and replies with whatever
user@host you give it. I have it reply as "bin@localhost" to all
requests.
Earlier in this thread there was some discussion about the value of
identd. I've found it makes a difference in the performance of mail
exchangers, since the remote smtp host often makes an ident request in
advance of sending mail. At one time I tried sending REJECTs to ident
requests and found that some mail servers (mostly running HP-UX, if I
recall correctly) then refused to transfer the mail. Just dropping the
packets on the floor with DENY does work, but slows performance as the
remote server's waits for its ident request to time out.
Peter
Simon Byrnand wrote:
> At least one alternate ident daemon I know of - oidentd, can be configured
> to run in either inetd mode, or as a standalone daemon.
- Previous message: Patrick Ohnewein: "Re: SSH security"
- Maybe in reply to: Nick Sugiero: "Identd DoS Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
