Slashdot Mirror


Why do we still use IDENTD?

Wakko Warner asks: "So anyway, I was on IRC the other day (as I am often wont to do), and, as I was being banned from the network for not running 'identd', I thought to myself: 'Why do we still use this???' Can anyone come up with a valid reason why, in 2002, ident is still considered by some people to be a necessary component of the Internet? Most people use Windows for everything, and Windows has no identity services. Most UNIX folks I know disable it for security reasons. So, why do people still insist we run it in order to connect to their network? Is it still 1993 in some part of the world?"

4 of 102 comments

  1. Whoa! by Anonymous Coward · · Score: -1, Troll

    If you don't use it, anyone can connect anonymously! The identd tells the server which of the users of the workstation which is connecting to the server you are. If you're trouble, the IRC admin can call your admin and tell him exactly which user needs a LARTing. Without identd, all he sees is an IP address, but no name. You don't want to hand terrorists the ability to hide their identity on IRC, OR DO YOU?

  2. Re:No up upheaval of the IRC protocol by Anonymous Coward · · Score: -1, Troll
    Ident should be one of the things removed completely from the next version of the protocol should it ever arrive.

    There is absolutely nothing in the IRC protocol that says anything at all about identd. IRC servers run identd because the server admins decided their server requires identd running on clients (or because those who wrote the ircd daemons decided that identd was required of the clients, which is exactly equivalent given a competent *nix admin). Don't complain to the RFC writers - complain to your server admins.

    That being said, I'm glad most IRC servers require identd. The only people I've ever seen using IRC are the warez fiends and the script kiddies. I certainly don't want that filth using any of my machines, and I can be fairly certain my users won't be using IRC (on alternate ports or encapsulated or whatever) if I stick them behind a NAT.

    If you want to use IRC, go right ahead - but you're not going to do it on any of my networks since IRC has no legitimate purposes.

    The BOFH has spoken.

  3. Re:Worthless for unix accounts too. by ivan256 · · Score: 0, Troll

    No serious systems administrator running a public or private access unix system with user accounts allows such valuable user information out onto the net.

    Valuable information like the username?

    Oh, wait... This is a troll...

  4. Question by Anonymous Coward · · Score: -1, Troll

    It seems the problem lies in an advantage of Windows machines over UNIXes. In Windows, any user can bind to any port; in Unix the first 1024 ports are privileged so only root can use them. The weakness is lack of fine-grained security in UNIX. Fortunately, at least in Linux 2.6, we'll see ACLs and better filesystems (Reiserfs 4 with files as directories) and virtual filesystems (like kernelfs/driverfs/systemfs) that allow greater control of all aspects of the system, including IP ports, and greater granularity with user access control lists.
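
Added example, not part of any comment above or of the original page: a Python sketch of the server side of the ident exchange the thread is arguing about (RFC 1413, TCP port 113), showing what an IRC server actually receives and how little of it can be trusted before it reaches a log or a hostmask. The function names, the 32-character username policy and the sample replies are assumptions made for illustration.

```python
import re

# RFC 1413 reply: <port-on-server> , <port-on-client> : <resp-type> : <add-info>
_REPLY = re.compile(rb"\s*(\d{1,5})\s*,\s*(\d{1,5})\s*:\s*(USERID|ERROR)\s*:(.*)", re.DOTALL)
_ERRORS = {"INVALID-PORT", "NO-USER", "HIDDEN-USER", "UNKNOWN-ERROR"}
# Assumption: local policy for names we are willing to log or display.
_SAFE_USER = re.compile(r"[A-Za-z0-9._-]{1,32}")

def build_query(their_port, our_port):
    """Line sent to TCP/113 on the connecting host: its port first, ours second."""
    return f"{their_port} , {our_port}\r\n".encode("ascii")

def parse_reply(raw, their_port, our_port):
    """Return (status, value); status is 'claimed', 'error' or 'invalid'."""
    # RFC 1413 lets the querier give up after 1000 characters without an EOL.
    if len(raw) > 1000 or not raw.endswith(b"\r\n"):
        return ("invalid", "overlong or unterminated reply")
    body = raw[:-2]
    if any(ch in body for ch in (b"\r", b"\n", b"\0")):
        return ("invalid", "embedded line break or NUL")  # would forge log lines
    m = _REPLY.fullmatch(body)
    if not m:
        return ("invalid", "not an RFC 1413 reply")
    if (int(m[1]), int(m[2])) != (their_port, our_port):
        return ("invalid", "port pair does not match the query")
    info = m[4].decode("ascii", "replace").strip()
    if m[3] == b"ERROR":
        return ("error", info if info in _ERRORS else "UNKNOWN-ERROR")
    _opsys, sep, user = info.partition(":")
    user = user.strip()  # this example trims whitespace around the user-id
    if not sep or not _SAFE_USER.fullmatch(user):
        return ("invalid", "user-id missing or outside the logging policy")
    # 'claimed', not 'verified': the name is whatever answers on port 113 there.
    return ("claimed", user)

# Constructed sample replies for a query about ports 6193 (theirs) and 23 (ours).
SAMPLES = [
    b"6193, 23 : USERID : UNIX : stjohns\r\n",
    b"6193, 23 : ERROR : NO-USER\r\n",
    b"6193, 23 : USERID : UNIX : root\nfake entry\r\n",
    b"9999, 23 : USERID : UNIX : root\r\n",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", parse_reply(sample, 6193, 23))
```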