
                                                     
                                                       
               Outbreak Magazine Issue #7 - Article 8 of 16
           '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'


- - - - - - - - - - - - - - -
the uselessness and dangers of identd
by: antimatt3r
Jun 6 2002
- - - - - - - - - - - - - - -

	The identification protocol (also known as 'auth' on *nix systems)
is specified by RFC1413. This protocol in my opinion is useless and
potentially dangerous. The objective of this text is to inform you of the
uselessness and insecurities and make you wonder why the hell someone
integrated this protocol into the Internet.

	Okay, the first thing is that it's ridiculously pointless. The first
fundamental assumption behind this protocol is that computers are multi-user
timesharing systems with secured operating systems. So if someone is running
Windows you've already got that one falsified. The second is that the
computer user and the computer admin are different people. This isn't such a
bad assumption, because most of us don't log in as root on *nix and start
running our everyday routine. But, on Windows, most of us have our user
account set as the administrator. The third and final assumption is that the
system's admin is trustworthy. This is about the most brilliant one of them
all.

	The upshot of these assumptions is that when receiving an ident
response you can trust the data that identifies a user who is trying to use
a network service on your server, because the admin on the other side, who is
watching over his system and users with an eagle eye, will readily and
happily identify his users to you, because you asked.

	Once again, the majority of computer systems on the Internet violate
ALL the assumptions, because they are running Windows, which is single user,
not secure at all and has the user and admin as the same person. As for the
admin being trustworthy, who knows. The data that any computer will return
has no bona fides or other utility other than as a random string of bits
which may or may not relate in any way to the user of the system. Even the
author of RFC1413 says that the protocol can't be used for anything real
(section 6).

	The reason that the identification protocol is dangerous is that
there are some server admins who seem to believe that ident has some
utility, because they require it to use their services (dalnet admins).
These people are deluding themselves, lulling themselves into a completely
false sense of security - they believe that with ident they have an audit
trail which they can use to grab users who abuse their services. As the
protocol description above demonstrates, this is the assumption of a fool.
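
The RFC1413 exchange as a server sees it, as an added example (not part of the original article): the parser records the userid as an unverified claim, and a constructed loopback responder stands in for a remote host that answers with whatever string it likes. Function names, port numbers and the sample userid are this example's own.

```python
import socket
import threading

def parse_ident_reply(line):
    """Parse one RFC 1413 reply line. The userid is a claim made by the remote host."""
    parts = line.rstrip("\r\n").split(":", 3)
    kind = parts[1].strip().upper() if len(parts) >= 3 else ""
    if kind == "ERROR":
        return {"ok": False, "error": parts[2].strip()}
    if kind != "USERID" or len(parts) != 4 or not parts[3].strip():
        return {"ok": False, "error": "MALFORMED"}
    # Surrounding blanks are trimmed for logging (a choice made in this example).
    return {"ok": True, "opsys": parts[2].strip(),
            "userid": parts[3].strip(), "verified": False}

def ident_lookup(host, their_port, our_port, ident_port=113, timeout=5.0):
    """Ask host's identd who owns the connection their_port -> our_port."""
    try:
        with socket.create_connection((host, ident_port), timeout=timeout) as s:
            s.sendall(f"{their_port} , {our_port}\r\n".encode("ascii"))
            with s.makefile("r", encoding="latin-1", newline="\n") as f:
                reply = f.readline(1024)
    except OSError:
        return {"ok": False, "error": "NO-RESPONSE"}
    return parse_ident_reply(reply)

def demo(claimed_userid="root"):
    """Constructed loopback stand-in for a remote host that answers as it pleases."""
    srv = socket.create_server(("127.0.0.1", 0))  # ephemeral port, local only

    def answer():
        conn, _ = srv.accept()
        with conn:
            query = conn.makefile("r", newline="\n").readline().strip()
            # Nothing ties this string to a real account on the answering machine.
            conn.sendall(f"{query} : USERID : UNIX : {claimed_userid}\r\n".encode())

    threading.Thread(target=answer, daemon=True).start()
    try:
        return ident_lookup("127.0.0.1", 40000, 6667, ident_port=srv.getsockname()[1])
    finally:
        srv.close()

if __name__ == "__main__":
    print(demo("root"))
```

The reply is well-formed and parses cleanly, yet the only thing a log entry built from it can record is what the remote end chose to say.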

	For the final part of this text I would like to talk about why
dalnet requires that you give an ident response. When connecting to dalnet
you get the 'checking ident' signal and then usually the ident response comes
through; if there is no ident response, you/we get akilled. If you whois
someone on dalnet and they have a ~ in front of their hostname (e.g.
~antimatt3r@suckme.net) their ident was not verified. It seems that dalnet
doesn't really care if people send fake ident responses because if you look
on http://kline.dal.net/exploits/unixident.htm they supply a 'fakeident' RPM
package. So now not only is the dalnet hierarchy fucking dumb, but they are
supplying tools to evade the rules that they have put in place.

	If you're stuck without ident working, make sure your auth port is
uncommented in /etc/inetd.conf and try forwarding ports 5990 thru 6000 as
well as 113 if you're on a routed intranet. If you're using mIRC it's in options
- connect - identd.

EOF
