3 Apr 2002 01:10
Re: identd with NAT and IPv6 support.
Matt Doughty <mdoughty <at> japan.ea.com>
2002-04-02 23:10:27 GMT
2002-04-02 23:10:27 GMT
> > >I've always considered that if I couldn't trust the machine I was > >running on then I was pretty much hosed anyway. CFS doesn't prevent > >root from seeing your data files, nor Kerberos prevent root from > >impersonating you. > > Fine. Than since you trust `the machine', I assume you use .rhosts all > over the place? IP addresses are not hard to forge... > He was talking about users on the same host. Its trivial and proper to block packets from the network with 127.0.0.0/8 or the machines own ip addr. I don't care for Ident in general, but that doesn't mean it has no uses at all. --Matt -- -- "Take away them collisions and the common channel and it's like Christianity without Christ." -Jim Breen (speaking about "full-duplex" Ethernet)
RSS Feed