[ale] identd : privacy concerns
Joe Bayes
jbayes at occs.cs.oberlin.edu
Sat Jan 9 16:44:05 EST 1999
Seeing some unknown hostnames in my system logs inspired me to read up
on identd. As I understand it, identd allows anyone who knows the
local and remote ports of a TCP connection to find out the username of
the process which is running that connection.
I don't see a real use for this service, other than web sites
collecting email addresses to spam. RFC 1413 states that, "The use of
the information returned by this protocol for other than auditing is
strongly discouraged." Somehow I don't think the spammers feel too
discouraged about this.
Can anyone give me a legit and necessary use of identd, or some other
reason why I shouldn't disable it?
thanks,
--joe
More information about the Ale
mailing list