On Mon, 5 Dec 1994, Matthew Harding wrote:
> We have been receiving numerous queries on this port... can anyone tell
> me if it is used by some standard program, or if we should be concerned
> at all regarding this activity? Please respond directly and I will post
> a summary in a few days.
authd, pauthd, identd and ident all descend from RFC 931; which as other
have said are used to determine who is opening a TCP connection to your
machine. RFC 1413 defines how this "information" is returned.
Generally speaking I would venture to say that is on the safer side of
services that can be allowed. If you choose to disallow it however, I
would imagine there would be problems if you also sent a ICMP Unreach --
causing all TCP connections to close between the two hosts. (Yours and
the one that you're querying)
If you do choose to allow it, I would spend some time considering how
trustworthy the auth data you're getting back is. What if someone
purposely hacked their side to falsify information? Then your logging
based on identity would be worthless.
Jonathan Heiliger | "Because Windows/NT is too important
The Boom Group, Inc. | to entrust to Intel" - MIPS
com | Open RISC Technology