Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

Links

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Navigation

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags

Succinctly put: why ident sucks

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
[personal profile] unixronin
Wednesday, August 10th, 2005 02:06 pm

As I've been saying for years, "identd (identification protocol) is pointless and potentially dangerous."  At least one of my readers (yes, you) will immediately recognize this analysis...

(By the way, I think there's one point you missed on the issue of its pointlessness:  These days, just about every system that one might reasonably expect to provide a trustworthy and useful ident response -- except within enterprises -- is behind NAT anyway, and ident doesn't work through NAT to my knowledge.  If anyone knows of a firewall that does properly forward ident across NAT, please let me know -- I'm curious.)

  • Current Music: Jethro Tull :::: Crest of a Knave :::: Mountain Men   [ddj]
Flat | Top-Level Comments Only

[identity profile] databeast.livejournal.com
Wednesday, August 10th, 2005 10:16 pm (UTC)
yes, there are ident servers out there than handle NAT

you have to run them on the NAT box though.

ident is t3h g4y anyway. horrible protocol for needs of a time LOOONG past.

IRC servers need to stop using it and we can quietly let it die now.

I've blocked ident() at the FW level for the post 7 years or so, it's never given me a single problem doing that.

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Thursday, August 11th, 2005 09:48 am (UTC)

ident is t3h g4y anyway. horrible protocol for needs of a time LOOONG past.

IRC servers need to stop using it and we can quietly let it die now.


I am in full agreement with this. It's not like every Windows IRC client doesn't already forge it anyway.
Flat | Top-Level Comments Only