Ident Server

[exdol]

Does anyone use ident services. I am currently trying to install SQUID to do username authentication but the documentation states:

You can use ident to allow specific users access to your cache. This requires that an ident server process runs on the user's machine(s)

I am currently surfing to find out what it is, but I would be happy to hear the experts.

[jamrock]

Never heard of it actually. ;D ;D ;D

Your adventures with Squid are quite interesting.

Keep us posted.

[exdol]

Squid works fine now with both IP and MAC address policies. But in a few weeks this configuration will not be sufficient as my network configuration will change. I will be breaking the now over 500 PCs on my flat network in smaller networks by creating virtual LANs.

From what I have read the SQUID server will not be a to service clients on other subnets from the one it is on. So I am not looking at the option in SQUID to use ident - identification services, which should allow for username authentication.

Redhat 8.0 disto CDs has this package on the third CD. The service runs on port 113. I am now trying to locate the Windows equivalent as this service should be running on the client machines, according to the documentation.

Will definitely keep you posted.

[BlackCryptoKnight]

Using the identd service may not be the best option for proxy authentication. You should check out using ldap or linking back to the Windows Domain Controllers.

Here's some articles on identd -

Identification Protocol (also known as "auth" protocol, from the name given it in the UNIX /etc/services file), specified by RFC-1413, is a pointless and potentially dangerous protocol.
http://www.clock.org/~fair/opinion/identd.html

Identd for Windows 95/98/Me
http://identd.sourceforge.net/

What do the "identd" lines in my syslog mean? Is this a security exposure? Can I turn off identd?
http://www.faqs.org/faqs/computer-se...section-4.html

[jamrock]

What is the difference between creating virtual LANS and sub-netting?

[BlackCryptoKnight]

[quote author=jamrock link=board=8;threadid=2420;start=0#msg23268 date=1069724201]
What is the difference between creating virtual LANS and sub-netting?
[/quote]

When the term "VLAN" is used, usually it refers to dividing the ports on a switch into different Virtual LANS. So you can have different networks running on the same switch. http://net21.ucdavis.edu/newvlan.htm

Subnetting is when you take an existing IP address space and create a number of networks from that address space http://www.ralphb.net/IPSubnet/

VLANs involve segmenting based on layer 2 information while subnetting uses layer 3 information. Of course, you can assign subnets to VLANS and you can even route between VLANS - provided that you pass inter-VLAN traffic through a router.

[exdol]

[quote author=BlackCryptoKnight link=board=8;threadid=2420;start=0#msg23267 date=1069724166]
Using the identd service may not be the best option for proxy authentication. You should check out using ldap or linking back to the Windows Domain Controllers.

Here's some articles on identd -

Identification Protocol (also known as "auth" protocol, from the name given it in the UNIX /etc/services file), specified by RFC-1413, is a pointless and potentially dangerous protocol.
http://www.clock.org/~fair/opinion/identd.html

Identd for Windows 95/98/Me
http://identd.sourceforge.net/

What do the "identd" lines in my syslog mean? Is this a security exposure? Can I turn off identd?
http://www.faqs.org/faqs/computer-se...section-4.html

[/quote]

Thanx Crypto I will check these out. Now this is the kind of expertise I am talking about.

[exdol]

[quote author=BlackCryptoKnight link=board=8;threadid=2420;start=0#msg23269 date=1069725046]
When the term "VLAN" is used, usually it refers to dividing the ports on a switch into different Virtual LANS. So you can have different networks running on the same switch. http://net21.ucdavis.edu/newvlan.htm

Subnetting is when you take an existing IP address space and create a number of networks from that address space http://www.ralphb.net/IPSubnet/

VLANs involve segmenting based on layer 2 information while subnetting uses layer 3 information. Of course, you can assign subnets to VLANS and you can even route between VLANS - provided that you pass inter-VLAN traffic through a router.
[/quote]

That is correct. I couldn't have summarized it better myself. Sometimes they so seem like the same thing.

[BlackCryptoKnight]

This section of the Squid FAQ gives info on proxy authentication methods
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html

[exdol]

[quote author=BlackCryptoKnight link=board=8;threadid=2420;start=0#msg23296 date=1069769106]
This section of the Squid FAQ gives info on proxy authentication methods
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html
[/quote]

I was just at this site. My hard drive crashed (old hardware that I am playing with) so I will have to re-install and wheel and forward again.

Thanx Alot.