TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:14910] system log question
It looks like your machine is attempting to identify the origin
of a connection through the ident daemon. Typically, the majority of
people run this on ftp servers and other remote access services as it
can provide the username and proc id of the connection. Most people turn
it off or filter it out (TCP/113) so it doesn't work most of the time.
Your logs seem to indicate that an auth-able application is attempting to
authenticate the user via ident, but it's not in the usual place (or you
don't have the pidentd package installed). If you comment it out of
inetd.conf, you'll prevent other sites from identifying you whenever you
connect (probably a good idea if you hit a lot of untrusted sites).
Peter Lukas
On Mon, 20 Mar 2000, Timothy Wilson wrote:
> Hi everyone,
>
> I've installed the program 'logcheck' to monitor my system logs and keep
> track of suspicious activity. I'm getting the following:
>
> Unusual System Events
> =-=-=-=-=-=-=-=-=-=-=
> Mar 20 06:01:02 www inetd[11987]: execv /usr/sbin/in.identd: No such file or directory
>
> Could someone explain what this is? Can I comment it out of /etc/inetd.conf?
>
> -Tim
>
> --
> Tim Wilson | Visit Sibley online: | Check out:
> Henry Sibley HS | http://www.isd197.k12.mn.us/ | http://www.zope.org/
> W. St. Paul, MN | | http://slashdot.org/
> wilson@visi.com | <dtml-var pithy_quote> | http://linux.com/
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>
>