Subject: Re: identd with NAT and IPv6 support.
To: Jim Wise <firstname.lastname@example.org>
From: Matt Doughty <email@example.com>
Date: 04/03/2002 08:10:27
> >I've always considered that if I couldn't trust the machine I was
> >running on then I was pretty much hosed anyway. CFS doesn't prevent
> >root from seeing your data files, nor Kerberos prevent root from
> >impersonating you.
> Fine. Than since you trust `the machine', I assume you use .rhosts all
> over the place? IP addresses are not hard to forge...
He was talking about users on the same host. Its trivial and proper to
block packets from the network with 127.0.0.0/8 or the machines own ip
addr. I don't care for Ident in general, but that doesn't mean it has
no uses at all.
"Take away them collisions and the common channel and it's like Christianity
without Christ." -Jim Breen (speaking about "full-duplex" Ethernet)