ident

I keep getting these in my /var/log/messages:

Dec 11 14:32:49 li3-194 identd[11257]: request_thread: read(10, …, 1023) failed: Connection reset by peer

Dec 11 14:33:28 li3-194 identd[11263]: request_thread: read(9, …, 1023) failed: Connection reset by peer

Dec 11 14:34:08 li3-194 identd[11266]: request_thread: read(9, …, 1023) failed: Connection reset by peer

Dec 11 14:35:48 li3-194 identd[11275]: request_thread: read(9, …, 1023) failed: Connection reset by peer

Dec 11 14:37:12 li3-194 identd[11282]: request_thread: read(9, …, 1023) failed: Connection reset by peer

Dec 11 14:38:13 li3-194 identd[11290]: request_thread: read(9, …, 1023) failed: Connection reset by peer

Is this the effect of having 300 in your tcp timeout time?

-Ashen

6 Replies

Probably not. "Connection reset by peer" implies that the far end is closing the connection. However, since identd is a completely pointless protocol these days, you can probably just disable the daemon. (Or do some IRC servers still require it? If so, someone needs to cluebat them…)

Alot of them do, not including mine-because alot of the spambots and other fodder (ddos botnets) use servers that don't have ident installed, simply because they are hijacked connections.

Requiring ident doesn't block them all, but does block most of them. Most insecure proxies used for abuse on IRC (flood attacks, etc) don't have ident either and are blocked for the same purpose.

I don't block them simply because its easier to deny them access to the network by akilling them. May have to eventually though if it gets bad enough. Most 'major' networks do require ident however. Dalnet is a good example. Most of them DO check for ident though, but if you don't have it, after a few seconds pause, will let you on, but put a ~ in front of your hostmask to indicate ident failed.

@U:

Alot of them do, not including mine-because alot of the spambots and other fodder (ddos botnets) use servers that don't have ident installed, simply because they are hijacked connections.
Well, that makes a little sense, I guess, but only for a little while. It won't be long before the bots start responding to ident requests.

> Most of them DO check for ident though, but if you don't have it, after a few seconds pause, will let you on, but put a ~ in front of your hostmask to indicate ident failed.
That, OTOH, is completely pointless. The contents of an ident response are meaningless. I can make the ident service on my machine say anything I want it to. The ident protocol was invented when people didn't have their own internet connections and run their own services. Nowadays, it don't mean diddly squat.

I guess the general consensus is that, yes, you could easily make your ident server say whatever it wants, but most of the spammers and pests on IRC don't bother with ident, which makes a ~!@* ban valueable to some networks to eliminate some of the issues, is all.

I guess the reason why it works is because most of the bad stuff comes from boxes that have been exploited, and the installation of ident on that box would likely draw attention to the fact its been exploited perhaps….. who knows.

I don't personally do it on my network because I don't think it stops much, but some networks do. They have various reasons, I guess.

Getting back to the problem at hand, does anyone have any ideas how to fix

this? I get it on pretty much any irc server I connect to… surely it's a bug some

where in my system, rather then all the other servers all being broken?

-Ashen

Ok I've fixed this myself.

The problem was I'd set the identd to return 'OTHER' instead of 'UNIX'

as the O/S, and most irc networks don't like this, so they started giving my

identd the cold shoulder.

A simple edit of /etc/identd.conf and service identd restart

fixed it.

-Ashen

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct