external ident security

Unique · 01-10-2004, 11:51 AM

If someone has external ident on true its easy for the users to spoof their ips (being able to use a *@localhost ioFTPD/ioFTPD account for instance) since they could simply send a idnt with a made up ip to it.

Wouldnt it be more appropriate to allow only certain ips using the external idnt feature?

Its not that important, just sharing a thought.
UNi

darkone · 01-10-2004, 01:17 PM

Don't allow direct access to site, if you use bouncers. IDNT can only be supplied once, after that client will be disconnected if he uses the command. (neat uhh?)

darkone · 01-10-2004, 01:18 PM

You can use Hosts.Rules to control access.

Unique · 01-10-2004, 01:41 PM

ah sounds logical indeed :P
somehow my mind thought host rules would apply to idnt too..
dunno why i thought that, probably since the host rules would otherwise be almost useless if using a bnc.. (limiting connections per country and stuff like that)
Then again if people need such stuff (for some reason) they prolly dont use a bnc anywayz

Thnx d1..
(people with bnc have to up the max connections per ip in host rules then i guess...and use user limits.)