blob: 216e31c93120868f7ff78fc3848664bdb3b4481d (
plain) (
tree)
|
|
didentd is a modular RfC1423 (identd) server for FreeBSD and Linux written
with security in mind. The Server normally runs chrooted under /proc/net on
an unprivileged id.
Normally didentd does not send an username but an encrypted audit token to
the client. This token contains all information about the requested
connection: userid owning the connection, source ip:port, destination ip:port,
a timestamp.
If a remote admin has a complaint about something from your machine he can
send this audit token back to you, you can pipe it through didentd-decrypt
and find out which user did the connection. didentd-decrypt outputs all the
information from the audit token. So you can have the benefit of ident
without revealing internal information from your system.
There is also didentd-name which is a server returning the username of the
uid owning the requested connection. This is the classic ident approach.
didentd-static is a server which delivers a fixed reply defined by the
administrator to every request.
WWW: http://c0re.23.nu/c0de/didentd/
|
