From owner-freebsd-security  Sun Jun  3  0:31:12 2001
Delivered-To: freebsd-security@freebsd.org
Received: from hq.stars.eu.org (pa54.bialystok.sdi.tpnet.pl [213.25.59.54])
	by hub.freebsd.org (Postfix) with SMTP id E4F9637B422
	for <freebsd-security@freebsd.org>; Sun,  3 Jun 2001 00:31:07 -0700 (PDT)
	(envelope-from spock@stars.eu.org)
Received: (qmail 38139 invoked by uid 1001); 3 Jun 2001 07:31:03 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 3 Jun 2001 07:31:03 -0000
Date: Sun, 3 Jun 2001 09:31:03 +0200 (CEST)
From: Marcin Jurczuk <spock@stars.eu.org>
To: freebsd-security@freebsd.org
Subject: Re: Identd via natd
In-Reply-To: <3B19D534.78A81EE2@softweyr.com>
Message-ID: <Pine.BSF.4.21.0106030927020.38134-100000@hq.stars.eu.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Sun, 3 Jun 2001, Wes Peters wrote:

> Marcin Jurczuk wrote:
> > 
> > Hello all !
> > I have a NAT FreeBSD box.
> > One of our users use internet connection from out network to hack other
> > network server. I cat identify him because log from hacked server shows
> > random identds responses from NAT box.
> > The question is: Is there any non-random, and non-global ident support for
> > natd for FreeBSD like for ipfilter on OpenBSD (oidentd) ?
> 
> /usr/ports/security/oidentd?


NO oidentd don't NAT identd support FreeBSD platform :-( There in no ident
daemon in ports tree which can do this kind of service.

> 
> > I can't set one ident response because there are some shell accounts and
> > they need correct response.
> 
> Define what you mean by "correct response."  If you think you mean "giving
> away information nobody else really needs to have," think again.  Identd is
> a stupid solution to a non-problem.  Run liedentd and be happy.
Correct answer is that user john have identd response "john"
like normal ident and user from 192.168.0.10 behind NAT has response i.e
"box10" of course if there in not box10 account :-).

> No you don't.  What you need is: 
> Stupid Request -> Response that doesn't disclose private data.

Perhaps ..

Have a nice day..
================================================
	     Marcin 'Spock' Jurczuk 
Intitute of Physics     University of Bialystok 
<spock@physics.uwb.edu.pl> <spock@stars.eu.org> 
================================================


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message