HPE Community
Operating System - HP-UX
1819504 Members
3044 Online
109603 Solutions
New Discussion юеВ

Security Scan

 
joe_91
Super Advisor

тАО10-04-2006 07:37 AM

тАО10-04-2006 07:37 AM

Security Scan



Ident Service (Potential Bot/Zombie) Detected


Check to see if the ident service was started legitimately. If not, or if not required, disable the ident service. Also, scan the host with an updated antivirus scanner for infection.

what does the Ident Service mean? Also there is no Virus in Unix right?

Thanks

Joe
0 Kudos
Reply
5 REPLIES 5
Ivan Krastev
Honored Contributor

тАО10-04-2006 07:58 AM

тАО10-04-2006 07:58 AM

Re: Security Scan

I think this is output from some security scanner. Take a look at /etc/inetd.conf - maybe you have ident service running. If you don't need it simply comment that line (with #) and reload inetd (inetd -c).

regards,
ivan
0 Kudos
Reply
spex
Honored Contributor

тАО10-04-2006 08:07 AM

тАО10-04-2006 08:07 AM

Re: Security Scan

Joe,

The ident protocol identifies the username of the current user to a (remote) process. It runs on 113/tcp by default. This is most likely a false positive.

To disable identd, comment out the appropriate line in /etc/inetd.conf and 'inetd -c'.

For more information on ident:
http://en.wikipedia.org/wiki/Ident

There are UNIX viruses, but their number is tiny compared to the Windows world.

PCS
0 Kudos
Reply
john D_3
Frequent Advisor

тАО10-04-2006 09:01 AM

тАО10-04-2006 09:01 AM

Re: Security Scan

Hi,

Please comment the following line in /etc/inetd.conf file:

ident stream tcp wait bin /usr/lbin/identd identd

and run inetd -c

Thanks
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-04-2006 12:56 PM

тАО10-04-2006 12:56 PM

Re: Security Scan

ident is one of the archaic Unix services that are almost never used but like finger and rwho, they provide too much information about your system. Just comment it out and inetd -c re-read the file. Other archaic services:

uucp ntalk time daytime echo discard chargen


Bill Hassell, sysadmin
0 Kudos
Reply
Robert Fritz
Regular Advisor

тАО10-05-2006 03:32 AM

тАО10-05-2006 03:32 AM

Re: Security Scan

The only really popular thing I can think of that (currently) relies on it is ServiceGuard.

Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.