ident question
Joseph C. Lininger
jbahm at pcdesk.net
Mon Aug 4 20:25:23 EDT 2003
Ident does in fact reveal user ids. However, so does writing an email to someone in most cases. As far as whether or not you should run ident, I have it disabled and I have never had any problems related to not having it running. Supposedly, there are some sites that require it. However, these are a dying breed, and I've never seen one. If you don't need it, you should disable it. It is never a good idea to have something running that opens a port on your system unless you need the service it provides. You should also consider disabling services like finger, talk, and netstat except for on the local machine. If your not using nfs, shutdown the rpc portmapper as well. No other services I know of need it. Remember, you can always reenable any of these if you later discover you need them.
--
Joseph C. Lininger
jbahm at pcdesk.net
On Mon, 4 Aug 2003, Gregory Nowak wrote:
> Hi all.
>
> Still on the security theme, I read somewhere that it is a bad idea to
> run ident, because it can reveal user ids to potential crackers.
>
> Is it generally better to run ident, or not to run it?
> Thanks.
>
> Greg
>
>
>
More information about the Speakup
mailing list