Home page logo

bugtraq logo Bugtraq mailing list archives

Re: analysis of auditable port scanning techniques
From: "D. J. Bernstein" <djb () CR YP TO>
Date: Mon, 15 Jan 2001 22:01:17 -0000

Dan Harkless writes:
Theo de Raadt just informed me via email that OpenBSD fixed their identd to
only report SS_CONNECTOUT sockets in 1996.

The MTA and the FTP server and many other daemons will make outgoing TCP
connections upon request. This bogus ``fix'' does not achieve the stated
goal of keeping the daemon usernames secret. Meanwhile, it wipes out
useful logs for some portmap-style protocols. (Rare protocols, I agree.)

The correct approach is to encrypt the uid under a secret key. This has
been built into pidentd for years.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]