Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 3 Jun 2001 09:31:03 +0200 (CEST)
From:      Marcin Jurczuk <spock@stars.eu.org>
To:        freebsd-security@freebsd.org
Subject:   Re: Identd via natd
Message-ID:  <Pine.BSF.4.21.0106030927020.38134-100000@hq.stars.eu.org>
In-Reply-To: <3B19D534.78A81EE2@softweyr.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sun, 3 Jun 2001, Wes Peters wrote:

> Marcin Jurczuk wrote:
> > 
> > Hello all !
> > I have a NAT FreeBSD box.
> > One of our users use internet connection from out network to hack other
> > network server. I cat identify him because log from hacked server shows
> > random identds responses from NAT box.
> > The question is: Is there any non-random, and non-global ident support for
> > natd for FreeBSD like for ipfilter on OpenBSD (oidentd) ?
> 
> /usr/ports/security/oidentd?


NO oidentd don't NAT identd support FreeBSD platform :-( There in no ident
daemon in ports tree which can do this kind of service.

> 
> > I can't set one ident response because there are some shell accounts and
> > they need correct response.
> 
> Define what you mean by "correct response."  If you think you mean "giving
> away information nobody else really needs to have," think again.  Identd is
> a stupid solution to a non-problem.  Run liedentd and be happy.
Correct answer is that user john have identd response "john"
like normal ident and user from 192.168.0.10 behind NAT has response i.e
"box10" of course if there in not box10 account :-).

> No you don't.  What you need is: 
> Stupid Request -> Response that doesn't disclose private data.

Perhaps ..

Have a nice day..
================================================
	     Marcin 'Spock' Jurczuk 
Intitute of Physics     University of Bialystok 
<spock@physics.uwb.edu.pl> <spock@stars.eu.org> 
================================================


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0106030927020.38134-100000>