The only service I am running is "identd". I'm wondering what it is
used for and what it is needed for. Typically, the man page is no help.
I was under the impression that my ISP required it, at least for some
services, but I haven't verified that yet. I know I can control what
info it returns.
This was in my /var/log/messages file:
Jul 18 11:17:50 zzz identd: from: 184.108.40.206 ( BIG-SCREW.MIT.EDU ) for: 3185, 8001
Jul 18 11:17:50 zzz identd: Successful lookup: 3185 , 8001 : xxx.yyy
Jul 18 11:37:56 zzz -- MARK --
Jul 18 11:41:44 zzz identd: from: 220.127.116.11 ( world-f.std.com ) for: 3194, 80
Jul 18 11:41:44 zzz identd: Returned: 3194 , 80 : NO-USER
The last pair was repeated several times over a couple of hours.
1) Do these kind of uses look normal?
2) What are the risks in providing this service with (non)bogus info?
3) What do ISPs normally use the info for?
4) I've been noticing those "MARK" lines lately. What's that?
Post answers only to NG, thanks.