On 23-Sep-2000 William Jensen wrote: >> Running a vanilla identd is a Bad Thing IMHO. It helps attackers >> identify >> usernames and find out under what UIDs daemons are running (eg. if >> sendmail >> is running as root). > > Is there a secure way of providing the information an IRC server wants, > while > rejecting the cracker's attempts?
I've pointed out oidentd in a previous post. It can be configured to return a random string instead of the username.
