Re: Port 113 security
From: Curt Hastings (curt@ips.edu)
Date: 03/14/03
- Previous message: bugtraq@virtual.dyc.edu: "Local security scanner"
- In reply to: Björn Eriksson: "Re: Port 113 security"
- Next in thread: Axel Beckert - ecos gmbh: "Re: Port 113 security"
- Reply: Axel Beckert - ecos gmbh: "Re: Port 113 security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Curt Hastings <curt@ips.edu> To: focus-linux@securityfocus.com Date: Fri, 14 Mar 2003 13:22:00 -0500
On Wednesday 12 March 2003 3:27 pm, Björn Eriksson wrote:
> On Mon, Mar 10, 2003 at 02:17:53PM -0500, Peter H. Lemieux wrote:
> > I use fakeidentd to send a standardized reply to all requests:
> >
> > http://hangout.de/fakeidentd/
>
> Version 1.2 on that page. version 1.6 had a buffer overflow vuln. I
> think 1.7 from http://www.guru-group.fi/~too/sw/releases/identd.c is
> more safe.
You might be interested in OpenBSD's identd -- the -h option in particular.
[man identd]
-h Hide the actual information about the user by providing an opaque
token instead. This token is entered into the local system logs
so that the administrator can later discover who the real user
was.
This does permit some information to leak out, but it opaque. Here is a log entry.
Mar 12 01:31:35 tokyo identd[8970]: request for (45724,25) from localhost.ips.edu
Mar 12 01:31:35 tokyo identd[8970]: token txjyl7b0xtvamk8fpsdx == uid 25 (smmsp)
It might be possible to port this to Linux, but I haven't checked.
Curt
- Previous message: bugtraq@virtual.dyc.edu: "Local security scanner"
- In reply to: Björn Eriksson: "Re: Port 113 security"
- Next in thread: Axel Beckert - ecos gmbh: "Re: Port 113 security"
- Reply: Axel Beckert - ecos gmbh: "Re: Port 113 security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
