[lug] open port
Peter Hutnick
peter at fpcc.net
Fri Mar 29 16:46:34 MST 2002
On Friday 29 March 2002 03:37 pm, D. Stimits wrote:
> Ident isn't really authentication, it's only real purpose is
> anti-spoofing.
> It's archaic and weak, but I don't think it is a risk,
> it is a help.
First, I'd consider it a personal favor if you would trim your replies.
The problem with your argument is that that you grant that it is weak. I
assert that people rely on it. The logical conclusion is that it is
therefore a risk.
To draw a parallel, it is like telnet. It can be used to good effect in some
situations, but for the most part it is more of a liability than an asset.
The simplest policy is to not use it.
-Peter
More information about the LUG
mailing list