From: Andrei Popescu on
On Fri, May 02, 2008 at 03:40:42PM -0500, Mumia W.. wrote:

> Indeed that can be a problem. I have pidentd disabled, but I can use IRC
> because I've opened port 113 (auth/ident) in my firewall. If the port is
> closed but accessible, most IRC servers will allow the connection.

This is the default for shorewall. Now I understand why I never had
troubles with ident.

Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
From: Rich Healey on
Håkon Alstadheim wrote:
> s. keeling wrote:
>> Jude DaShiell <jdashiel(a)shellworld.net>:
>>
>>> What package or packages need to be installed so when I connect to
>>> an irc server I don't get the message Ident is disabled?
>>>
>>
>> pidentd
>>
>>
>>
> I would also think something like inetd or xinetd would be good. Identd
> should not need to run all the time, letting (x)inetd fire it up as
> needed would be better.
>
> Hot tip: consider carefully how much you reveal about your machine
> through the ident service.
>

Security through obscurity is now officially dead.

If someone wants access to your box, because of the absurd bandwidth
available to a cracker (botnet, anyone?), they'll just try every xploit
in their db, regardless of its compatibility with your alleged system.

You might as well just have ident running, I forward 113 onto my fBSD
machine, so my whole network appears to be 6.2-current (yes I'm too lazy
to upgrade)


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
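
The quoted tip above about how much the ident service reveals, as an added example that is not part of the thread: a reply builder following the RFC 1413 wire format that never returns a real account name or operating system. The function names, the `policy` values and the sample request in the comment are constructed for illustration.

```python
import re

# RFC 1413 request line: "<port-on-server> , <port-on-client>" ended by CRLF.
_REQUEST = re.compile(rb"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$")
MAX_REQUEST = 1000  # RFC 1413 limits a request to 1000 characters


def parse_request(line: bytes):
    """Return (server_port, client_port), or None if the request is malformed."""
    if len(line) > MAX_REQUEST:
        return None
    m = _REQUEST.match(line.rstrip(b"\r\n"))
    if not m:
        return None
    ports = int(m.group(1)), int(m.group(2))
    return ports if all(1 <= p <= 65535 for p in ports) else None


def build_reply(line: bytes, policy: str = "hidden", token: str = "user") -> bytes:
    """Build an ident reply that discloses neither the OS nor a real login.

    policy="hidden": answer ERROR : HIDDEN-USER for every valid port pair.
    policy="static": answer USERID : OTHER : <token>, where <token> is a
                     fixed string unrelated to any local account.
    """
    ports = parse_request(line)
    if ports is None:
        # Malformed input is never echoed back to the peer.
        return b"0 , 0 : ERROR : INVALID-PORT\r\n"
    prefix = b"%d , %d : " % ports
    if policy == "hidden":
        return prefix + b"ERROR : HIDDEN-USER\r\n"
    if policy == "static":
        if not (token.isascii() and token.isalnum()):
            # Reject ':' and CR/LF so the token cannot reshape the reply.
            raise ValueError("token must be ASCII alphanumeric")
        return prefix + b"USERID : OTHER : " + token.encode("ascii") + b"\r\n"
    raise ValueError("unknown policy: %r" % policy)


if __name__ == "__main__":
    # Constructed sample request, as a server would send it to port 113.
    print(build_reply(b"6193, 23\r\n"))
    print(build_reply(b"6193, 23\r\n", policy="static", token="u1"))
```
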
From: Chris Bannister on
On Wed, May 07, 2008 at 04:12:56PM +1000, Rich Healey wrote:
> If someone wants access to your box, because of the absurd bandwidth
> available to a cracker (botnet, anyone?), they'll just try every xploit
> in their db, regardless of its compatibility with your alleged system.

Sure, but how often do "they" want it *that* bad, when there are heaps of
insecure Windows machines out there with a *combined* bandwidth
rivalling anything that any single entity would have.

> You might as well just have ident running, I forward 113 onto my fBSD
> machine, so my whole network appears to be 6.2-current (yes I'm too lazy

Hey, there's no need to give them a helping hand.

--
Chris.
======
"One, with God, is always a majority, but many a martyr has been burned
at the stake while the votes were being counted." -- Thomas B. Reed

