How Ident Works
The Ident Protocol is designed to work as a server daemon, on a user's computer, where it receives requests to a specified port, generally 113. The server will then send a specially designed response that identifies the username of the current user.
Usefulness of Ident
The usefulness of Ident is limited to circumstances when:
* The user connecting is not the administrator of the machine. This is only likely for shared machines using a
* The service trusts the administrator of the remote machine. This is only likely for hosts in a common security domain such as within a single organization.
* The server trusts that the remote host is the machine it claims to be. This is only easily arranged for hosts on a local area network or virtual network where all hosts on the network are trusted and new hosts cannot easily be added due to physical protection. For machines on remote networks it would require some form of DNS authentication which is uncommon.
Nonetheless Ident is widely used and considered useful by some. Dialup hosts or shared shell servers often provide it as a service to other systems to enable abuse to be tracked back to specific users.
The ident protocol is considered dangerous because it allows hackers to gain a list of
usernames on a computer systemwhich can later be used for attacks. A generally accepted solution to this is to set up a generic/generated identifier, returning node information or even gibberish(from the requesters point of view) rather than usernames.
Ident is important on IRC as a large number of people connect to IRC servers via bouncers which either serve multiple users or are hosted on shared servers. Some users also use clients on
Unix shells. Without ident there would be no way to ban a single user of a bouncer from a channel or network without banning the entire host running the bouncer. The bouncer operator may also need this information to identify the abusive user. When an IRC server fails to get an identd response it has to fall back on the username given by the client. Ircds usually prefix usernames obtained directly from the client software with a tilde to indicate that they are not ident usernames and may be faked by the user (although with modern single-user home computers, the ident username itself may be set to whatever the user wants and is often returned by the same IRC client as the rest of the client information). Some IRC servers even go as far as blocking clients without an ident response , the main reason being that it makes it much harder to connect via an " open proxy" or a system where you have compromised a single account of some form but do not have root .
Special identds are used by those running large numbers of bouncers or a single bouncer that supports multiple users to allow bouncer usernames to be returned rather than simply the name of the user account on the system the bouncer is running under.
* RFC 912 - Authentication Service
* RFC 931 - Authentication Server
Daniel J. Bernstein: [http://www.watersprings.org/pub/id/draft-bernstein-tap-00.txt TAP] - INTERNET DRAFT 1992
Daniel J. Bernstein: [ftp://ftp.lysator.liu.se/pub/ident/doc/why-tap.txt Why TAP?] A White Paper, draft 3 920820
* RFC 1413 - Identification Protocol
* RFC 1414 - Identification MIB
* Peter Eriksson: [ftp://ftp.lysator.liu.se/pub/ident/TAPvsIDENT TAPvsIDENT] 3 Nov
Damien Doligez: [http://www.geckil.com/~harvest/tcpip-docs/why-encrypt.txt Why encrypt ident/TAP replies?] 1994.02.22
Wikimedia Foundation. 2010.
Look at other dictionaries:
Ident — im TCP/IP‑Protokollstapel: Anwendung Ident Transport TCP Internet IP (IPv4, IPv6) Netzzugang Ethernet Token … Deutsch Wikipedia
Ident — (читается идэнт) это протокол, описанный в RFC 1413. Он предназначен для идентификации пользователя, устанавливающего TCP соединение. Сервер, реализующий протокол ident, называется identd (идэнт дэ). Содержание 1 Схема работы 2 Применение ident … Википедия
ident — <zu ↑Identität> (österr.) identisch; vgl. ↑...isch/ … Das große Fremdwörterbuch
ident — UK [ˈaɪdent] / US noun [countable] Word forms ident : singular ident plural idents business an image or short film shown on television which tells you which channel you are watching … English dictionary
ident — noun /ˈaɪdɛnt/ a) Identification. In 1999 Chaudoir and fellow BBC designer Tim Platt were given the task of rebranding the existing BBC2 idents. b) A brief visual sequence serving to identify the broadcaster. ...the intruder installed an IRC bot… … Wiktionary
ident — identisch; ebenso; wie; genauso; gleich; gleichartig; ohne Unterschied; dasselbe * * * idẹnt <Adj.>: österr. häufig für ↑identisch: Bei einem Ausgabekurs von 100 ist die Rendite mit der Nominalverzinsung i. (Wochenpresse 25. 4. 79, 18) … Universal-Lexikon
ident — vice président … Dictionnaire des rimes
Ident. — Identifikation; Identifizierung; Identität EN identification; identity … Abkürzungen und Akronyme in der deutschsprachigen Presse Gebrauchtwagen
ident. — identifizieren; identisch EN to identify; identical … Abkürzungen und Akronyme in der deutschsprachigen Presse Gebrauchtwagen
IDENT — Aircraft Identification Contributor: CASI … NASA Acronyms