Subject: Re: identd with NAT and IPv6 support.
To: Jim Wise <>
From: Henry B. Hotz <>
List: current-users
Date: 04/02/2002 15:35:22
At 3:14 PM -0500 4/2/02, Jim Wise wrote:
>On Tue, 2 Apr 2002, Henry B. Hotz wrote:
>  >I've always considered that if I couldn't trust the machine I was
>>running on then I was pretty much hosed anyway.  CFS doesn't prevent
>>root from seeing your data files, nor Kerberos prevent root from
>>impersonating you.
>Fine.  Than since you trust `the machine', I assume you use .rhosts all
>over the place?  IP addresses are not hard to forge...

Ignoring the perhaps-unintentionally insulting tone of the last 
response I will note that it's a lot harder to forge source==dest 
packets from outside the machine in question than from inside it.
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government., or