warning in /var/log/messages
Bob George
plug@bobspc.dhs.org
Thu, 18 May 2000 09:08:46 -0700
I'm coming into this late...
"Don Harrop" <don@nis4u.com> wrote:
> [...] What does auth or identd do? If it's not that great
> to have running by the inetd super server why would it be in there in the
> first place?
Identd basically allows a remote system to query your system for the user of
a particular port. It returns rudimentary info consisting of your username
and the type of system you're on. The only thing I've seen that would
REQUIRE ident/auth is IRC. Many IRC servers won't let you in without it
running. The good news is that there are usually ways to fake them out, and
if you don't use IRC, then it's a complete non-issue. Removing it is a good
idea.
Going the other way, you can configure your inetd (tcp wrappers) to make an
ident query whenever someone connects to a service. See the rfc931 option in
hosts_options (man hosts_options). In this way, you *might* get some useful
info back if someone's poking at your system (if -- and only if -- THEY are
running auth/identd).
The hosts_options manpage is worth spending some time with in general!
- Bob