[ previous ] [ next ] [ threads ]
 
 From:  Falcor <falcor at netassassin dot com>
 To:  Brandon Holland <brandon at cookssaw dot com>
 Cc:  "'Mitch (WebCob)'" <mitch at webcob dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] windows built in "ident"...
 Date:  Tue, 30 Dec 2003 11:44:35 -0800 
I use a PERL application that mimics an IDENTd daemon.  I then forward 
all identd requests to that unix server.  All my internal clients then 
can access IRC and other identd based auth systems with no problems. 
 And I don't risk much as the perl script simply replies with what I put 
in a text file as the ident info, and not a compramizable component on a 
windows box.

Brandon Holland wrote:

>You can allow IDENT based on certain IP's (say if you use a select group
>of IRC servers)
>
>And if we can add a "REJECT" you don't even have to fully allow ident
>anyway.  (Leave out your IRC app as a possibly hackable component)
>
>-----Original Message-----
>From: Mitch (WebCob) [mailto:mitch at webcob dot com] 
>Sent: Tuesday, December 30, 2003 2:43 AM
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: [m0n0wall] windows built in "ident"...
>
>this may not be in here yet... maybe it's not easy... but if someone
>could
>point me in the right direction that would be a start...
>
>Other firewalls support passing requests made by certain applications...
>zone alarm or black ice for example - and the parts they have integrated
>with linksys routers... can detect a bogus HTTP request generated by a
>program OTHER THAN Internet Explorer (like by a virus or a messenger
>program
>trying to circumvent the firewall) and shut them down...
>
>They are able to detect the NAME of the application initiating the
>request...
>
>I'm thinking this is parallel to identd, but seems to be built into
>windows... Does anyone know what it's called or where the protocol is
>defined? Could be an interesting addition... I'd like to poke around in
>this
>area, but can't find where to start.
>
>Thanks.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>