Tcp Wrappers Question..
hey folks, I keep seeing this on the internet
“The user name lookup feature of TCP Wrappers uses identd to identify the username of the remote host. By default, this feature is disabled, as identd may appear hung when there are a large number of TCP connections.”
but I cant seem to find out how/where to enable said feature.
Jason
3 thoughts on - Tcp Wrappers Question..
authd or identd has to be enabled on the CLIENTS, and its a completely untrustworthy system. the user information is sent in cleartext with no validation, and if the remote client is under someone elses control they can install a authd/identd that replies with anything they wish.
in CentOS6, at least, to install and enable authd, do…
# yum install authd
….
# chkconfig auth on
See the man pages for hosts_options and hosts_access. It is rare for systems to support RFC 931 and common for firewalls to drop requests
(creating long delays in connections), so user name lookup is probably only useful within a private network of systems that you control, on which you have enabled identd on each client system.
understood. this is just on a local network.. thanks for the info