On Mon, 14 Jul 1997, ;P wrote:
> hmmm...i get the same thing...people with userids of like...
> "fjrub east@ux1.cyberenet.net" or "wishbones south@ux1.cyberenet.net"
> ..according to sammy's reply this would happen if ident couldn't figure
> out the operating system of the user...but there are other users
> (including me) who log onto the mud and everything works out correctly...
> i think what may be happening is that these people are using programs
> like screen or tintin...i guess this could hide where the person is
> actually logging on from...shrug..
It's not ident not being able to figure out the operating system. The
client side of ident (your side) is for practical purposes just a simple
telnet session. You can even telnet to port 113 of a machine and give it
a port pair manually. The data you receive is dependent on the ident
server software on the other side. It's supposed to respond with either
UNIX, OTHER, or some other identifier, but it doesn't have to be correct.
You may see OTHER on a unix system that doesn't want to give you a
username.
The rfc has a security considerations section at the end that makes good
reading. It's a little long to be quoting here, but the general idea is
that while ident may help with logging connection data, it shouldn't be
relied on to provide security, since it's very easy to send fake info.
Sam
+-----------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://cspo.queensu.ca/~fletcher/Circle/list-faq.html |
+-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/08/00 PST