Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!lll-winken!uunet!wuarchive!csus.edu!uop!nsayer
From: nsayer@uop.edu (Nick Sayer)
Newsgroups: comp.protocols.tcp-ip
Subject: How widespread is RFC931 on the internet?
Message-ID: <27b1bd10.20dc@uop.uop.edu>
Date: 7 Feb 91 20:48:16 GMT
Organization: University of the Pacific, Stockton, CA [138.9.200.1]
Lines: 26

We've just put in an RFC931 authd daemon on our system.
Some experimental connection attempts to other sites'
auth ports resulted in refused connections, which
leads me to believe that not many sites have authd
set up. Is this the case?

For those of you unfamiliar with the concept, it allows
a system on one end of a TCP stream to ask the system
on the other end what user (by user ID string) is
responsible for the stream. For example, if a user
telnets to some site and manages to break into someone's
account, a record could be made not only of the site from
where he came, but the account he came from. This
makes the potential audit trail a little easier to
follow.

I am considering hacking the in.telnetd at our site
so that it will insist on having authd set up at
sites telneting in, but if not many sites have an
auth daemon running, there's not much point.

-- 
Nick Sayer               | Disclaimer: "Don't try this at home, | RIP: Mel Blanc
mrapple@quack.sac.ca.us  | kids. This should only be done by    |   1908-1989
N6QQQ  [44.2.1.17]       | trained, professional idiots."       |  May he never
209-952-5347 (Telebit)   |                     --Plucky Duck    |  be silenced.