[Plug-security] Is it appropriate for anonymous proxy servers to surreptitiously run IDENT?

[Samizdatt]

"J.Francois" wrote:
> 
> You don't understand.
> This person sent abuse complaints to my ISP for IDENTD lookups that he
> captured at his firewall.
> 
> After emailing me and my ISP I emailed the RFC for IDENTD to the
> ISP and the person.
> 

I had no way of knowing that you owned the "unknown host" sending the SYN packets to my port 113. The box you're using to do the ident lookups doesn't have a DNS name. Had I known it was your box, I would never have contacted your ISP. I harbor no ill will against you.

> Apparently he didn't like that my ISP and I didn't agree with him so he
> brought it to this mailing list possiby in an attempt to embarass me.
> 

Your ISP never returned my 2 email messages. I'm just thankful that they didn't take any action against you, and I have absolutely no desire to embarrass you. I think you're doing something good.

> I can email the exchange between me, this user, and my ISP via
> private mail on request.
> 
> Personallyn I say, since I have been doing this since 1997 this is the
> first time I have gotten this kind of complaint.
> 

The complaint I sent was directed against the owner of the box sending the IDENT requests. I couldn't possibly know who owned it because there was no DNS name for its IP address. Had I known it was your box, I'd never have sent the complaint to the ISP in the first place. Again, I'm sorry...


> Your are right, it is a free service and if you don't like how
> it works, go somewhere else is my philosophy.
> 
> Too bad others don't think that way.
>