Firewalls: Re: ident service

Firewalls
(March 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: ident service
From:	"Sameer R. Manek" <manek @ challenger . atc . fhda . edu>
Date:	Mon, 17 Mar 1997 15:47:15 -0800 (PST)
To:	"Martin C. Walker" <martinw @ epcorp . com>
Cc:	firewalls @ GreatCircle . COM, fw-1-mailinglist @ checkpoint . us . com
In-reply-to:	<3 . 0 . 32 . 19970317105331 . 006c4bb0 @ mail . epcorp . com>
Reply-to:	"Sameer R. Manek" <manek @ challenger . atc . fhda . edu>

On Mon, 17 Mar 1997, Martin C. Walker wrote:

> I have recently cut over to a new isp.  the new isp requires
> me to accept the ident service at the firewall where my previous
> provider did not.  what problems does this leave me open to ?
>
The biggest problem you are open to is remote sites that you access
can get lists of users names. (especially sites that run tcp wrapper)

This can be used to gather users lists, which depending on your 
security policy can be bad. (do you allow finger? or smtp's vrfy
or expn?) 

> also, does anyone know when 2.1c will be available for solaris ?

i dunno

Follow-Ups:

Re: ident service
From: peter @ baileynm . com (Peter da Silva)

References:

ident service
From: "Martin C. Walker" <martinw @ epcorp . com>

Indexed By Date	Previous:	Re: ITSEC WinNT C2 rating From: Ron DuFresne <dufresne @ parka . winternet . com>
Indexed By Date	Next:	success From: "Jeffrey L. Oliver" <oliver @ hg . uleth . ca>
Indexed By Thread	Previous:	Re: ident service From: Chris Larsen <vader @ inet . uni-c . dk>
Indexed By Thread	Next:	Re: ident service From: peter @ baileynm . com (Peter da Silva)