At least one attacker who queries IDENT servers is using the ports straight out of the example in Wikipedia.
I've updated #djbwares 10 to 12 on the WWW page.
Thank you for the reminder. I do need to get back to this.
Excellent.
Yes, the latest released versions are supposed to be a version behind the actual development source. I freeze the source, do a binaries release, and start a new development version.
So #redo latest binary release is 1.5, and #nosh is 1.41.
#djbwares is at version 12, with version 13 under development. I must have forgotten to update the WWW page.
I have an HTTP server. It's sitting just over the other side of the room at the moment, having recently been moved away from pride of place next to my left elbow.
Mind you, I don't put the massive attack surface of bloody WordPress on it.
It does GOPHER, too.
It's #djbwares httpd, and gopherd, and geminid come to that. All static. All readonly. Running on NetBSD.
Just for kicks, I made the WWW pages downloadable over the FINGER and NICNAME protocols too.
And I usually edit its pages in #NeoVIM. (-:
Early results are not promising. I've had a handful of HEAD requests in the past day. Only 2 appear legitimate, in that they hit genuine page URLs. The others were attempts to exploit WordPress vulnerabilities.
It makes me think that there's one well-behaved 'bot drowned in a sea of ill-behaved ones.
I'm just instrumenting #djbwares httpd to log GET and HEAD differently. I wonder what I'll see.
A truly universally portable #clockspeed is probably impossible. It has only recently become more than amd64-only. (AFAIAA, I'm the only one who has done the work to add another ISA.) Even then, it makes specific assumptions about the processor that aren't necessarily true (and which are called out in the manual, q.v.).
http://jdebp.info/Softwares/djbwares/guide/commands/clockspeed.xml
I wrote an IDENTD for OS/2 around the turn of the century.
I added one to #djbwares just recently to see what of this old stuff is even hit any more. IDENT was barely in use back then.
It's surprising to see that a GOPHER server is (a) quickly jumped on when set up, (b) regularly mis-treated as speaking HTTP or SIP; whereas at the same time there are WWW robots that do not even recognize gopher: as a URL schema, and treat it as a relative URL.
I was amused to see that you actually had a thorough IDENT client, that checked for errors; instead of Bernstein's one that just counts the colons and assumes success.
Not that anyone with xyr head screwed on should be using IDENT for authentication.
http://jdebp.info/Softwares/djbwares/guide/commands/identd.xml
I suppose that I should give this tool the motto "I am root.". (-:
#s6networking #s6 #djbwares #ucspitcp #GuardiansOfTheGalaxy #IDENT