Re: [Code] Idents

From: Sammy (samedi@DHC.NET)
Date: 07/14/97


On Mon, 14 Jul 1997, Akuma/Chris Baggett/DOOMer wrote:

> Ok, i installed the ident patch, and after a few trial runs,
> I started getting bugged out usernames, most of em ended up having
> crap like   n e w s ]
<snip>
> anyway, i logged the string sent from the person's Ident server,
> and i got something similar to this
> the
> 45626 , 9001 : USERID : OTHER : [m/LHmzTTLcFOcnJvlBAe0jjRxQ4JzfAQ]
<snip>

From RFC1413:

     Unless "OTHER" is specified as the operating system
     type, the server is expected to return the "normal"
     user identification of the owner of this connection.
     "Normal" in this context may be taken to mean a string
     of characters which uniquely identifies the connection
     owner such as a user identifier assigned by the system
     administrator and used by such user as a mail
     identifier, or as the "user" part of a user/password
     pair used to gain access to system resources.  When an
     operating system is specified (e.g., anything but
     "OTHER"), the user identifier is expected to be in a
     more or less immediately useful form - e.g., something
     that could be used as an argument to "finger" or as a
     mail address.

     "OTHER" indicates the identifier is an unformatted
     character string consisting of printable characters in
     the specified character set.  "OTHER" should be
     specified if the user identifier does not meet the
     constraints of the previous paragraph.  Sending an
     encrypted audit token, or returning other non-userid
     information about a user (such as the real name and
     phone number of a user from a UNIX passwd file) are
     both examples of when "OTHER" should be used.

Basically this means the machine is sending you non-standard data, so
unless you know how their implementation is encoding the data, it's just
jibberish to you.

> if this is so, how am i supposed to find out the username?
> i've also noticed, that the username code is always the same length,
> and has []  (brackets) around it.

You might be able to find out what the data is if you can find out why
it's encrypted like that.  You might get some clues by finding out the
operating system, who's running it, what it commonly connects to, etc.

> If anyone can help me solve this problem, (i currently changed the code
> to not even worry about OTHER type strings for now)
> i would appreciate any input or ideas.  Mainly, I wouldn't mind talking
> to the guy who came up with the Ident patch :-)

The rfc has a lot of useful info available.  Personally I think adding the
patch is a waste of time and code.  Most people on university lab
computers and ppp connections won't be identifiable, and you never know if
you're getting the real username (maybe you can with finger).  Take a look
at jidentd at sunsite some time.  It's a replacedment identd server that
allows you to hide users by name, give them ident aliases by name, or to
give all users on your machine the same alias.  You could just as easily
hack any identd source and make it do anything you like.

So if you see me on your mud and get the address piss_off@dhc.net, don't
bother trying to mail me at that address, because it doesn't really exist
;)

Sam


      +-----------------------------------------------------------+
      | Ensure that you have read the CircleMUD Mailing List FAQ: |
      |   http://cspo.queensu.ca/~fletcher/Circle/list-faq.html   |
      +-----------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/08/00 PST