[ale] identd : privacy concerns

Jim Kinney jkinney at teller.physics.emory.edu
Sat Jan 9 21:51:41 EST 1999


I was under the opinion that identd is used to verify that the machine
accepts mail for and individual user as well as the "problem" stuff you
refered to. I see lots of identd lines in my logs being called from the
mail gateway I talk to.

James Kinney M.S.Physics		jkinney at emory.edu
Educational Technology Specialist	404-727-4734
Department of Physics Emory University	http://teller.physics.emory.edu

On Sat, 9 Jan 1999, Joe Bayes wrote:

> 
> Seeing some unknown hostnames in my system logs inspired me to read up
> on identd. As I understand it, identd allows anyone who knows the
> local and remote ports of a TCP connection to find out the username of
> the process which is running that connection. 
> 
> I don't see a real use for this service, other than web sites
> collecting email addresses to spam. RFC 1413 states that, "The use of
> the information returned by this protocol for other than auditing is
> strongly discouraged." Somehow I don't think the spammers feel too
> discouraged about this.
> 
> Can anyone give me a legit and necessary use of identd, or some other
> reason why I shouldn't disable it? 
> 
> thanks,
> 
> --joe
> 






More information about the Ale mailing list