Firewalls: Re: ident service

Firewalls
(March 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: ident service
From:	Chris Larsen <vader @ inet . uni-c . dk>
Date:	Wed, 19 Mar 1997 00:33:43 +0100 (MET)
To:	firewalls @ GreatCircle . COM
In-reply-to:	<332EC23F . 6E68 @ co . santa-barbara . ca . us>

On Tue, 18 Mar 1997, John Snyder wrote:

> I have been watching and reading the list for a couple of weeks and
> observed some discussion on the "ident service".  Is this the same thing
> as the "Authentication Service" that uses port 113?  I've not been able
> to get a clear understanding of the use of port 113 to know whether to
> allow it across the firewall.  (When in doubt I shut it out much to the
> chagrin of some users.)
> 
> Thanks,
> jhs
> 
RFC1413: http://www.cis.ohio-state.edu/htbin/rfc/rfc1413.html
and 'man identd(8)' gives you a pretty good idea what it is about.


If the service needs supported, let it return the HIDDEN_USER, thus you will
still comply to the RFC, provide the proper identd response and still 
maintain status quo on the firewall policy of this service..

Just my 0.02 $ worth..


Chris Larsen                    | We learn from history, 
vader @
 inet .
 uni-c .
 dk             | that we do not learn from history...
System Manager                  |
Struers A/S                     | All opinions expressed herein are my own
                                | and _not_ those of my employers !!.

References:

Re: ident service
From: John Snyder <snyder @ co . santa-barbara . ca . us>

Indexed By Date	Previous:	Re: sendmail on firewall From: Adam Shostack <adam @ homeport . org>
Indexed By Date	Next:	On FW-1 and Hypercom's NMS protocol From: drexx @ sunphil . mozcom . com (Dexter D. Laggui)
Indexed By Thread	Previous:	Re: ident service From: Doug Hughes <Doug . Hughes @ Eng . Auburn . EDU>
Indexed By Thread	Next:	Re: ident service From: "Sameer R. Manek" <manek @ challenger . atc . fhda . edu>