Ident

from Wikipedia, the free encyclopedia
Identd
Operation area: communication
Port: 113/TCP
Ident in the TCP/IP protocol stack:
  Application:    Ident
  Transport:      TCP
  Internet:       IP (IPv4, IPv6)
  Network access: Ethernet, Token bus, Token ring, FDDI, ...
Standards: RFC 1413 (1993)

Ident is a network protocol that a server can use to determine which user in a multi-user system has opened a specific TCP connection. Ident uses the Transmission Control Protocol on port 113 and is specified in RFC 1413.

Ident messages always consist of a single line of ASCII text, terminated by a line break made up of the characters <CR><LF>.

A request is structured as follows:

<Port on the target system>, <Local port>

Valid responses repeat the request and take one of the following forms:

<Port on the target system>, <Local port> : USERID : <Operating system> : <User name>
<Port on the target system>, <Local port> : ERROR : <Error message>

Areas of application for the Ident protocol include, for example:

  • Simple Mail Transfer Protocol: If an Ident request is sent to the sender system when a mail is accepted and the Ident response is included in the headers of the e-mail, the operator of the sender system can later trace forged mails back to its users.
  • Internet Relay Chat: Here it enables the channel operator, for example, to exclude a single user from the discussion instead of an entire host.

Example scenario

Establishing an SMTP connection

A user "tei" on the client computer 10.10.10.10 establishes a connection to the SMTP server 10.20.20.20:25 from an arbitrary client port, here 31010.

Every TCP connection can be uniquely identified by the quadruple of source IP, source port, destination IP and destination port. For this SMTP connection the data is:

Properties of the SMTP connection
             IP address    Port
Source       10.10.10.10   31010
Destination  10.20.20.20   25

Ident lookup

In order to find the right connection and assign it to a user, the Identd needs the corresponding quadruple of IPs and ports.

The Ident client (in this case e.g. the SMTP daemon) now establishes a connection from the destination IP of the SMTP connection (10.20.20.20), using any source port (e.g. 42020), to the source IP of the SMTP connection on the well-known port of the Identd (port 113). This means that the Identd already knows two of the four properties of the TCP connection about which it should provide information: the source and destination IP.

So that the Identd can uniquely identify the connection, the Ident client now has to communicate the source and destination port of the SMTP connection. To do this, it sends the ports of the SMTP connection to the Ident server:

31010, 25

The Ident daemon looks up the connection matching the IP and port quadruple, and the user who owns it, through an interface to the TCP/IP stack of the operating system. The Ident daemon then replies with the operating system ID of its server, e.g. "UNIX", and the user name of the owner of the TCP connection, "tei":

31010, 25 : USERID : UNIX : tei

The Ident connection is closed. The SMTP daemon now knows the name of the user who established the SMTP connection and can use this information, e.g. in the e-mail header.
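As an added example (not part of the original article and not code from any Ident implementation), the following Python sketch builds the request from the scenario above and parses the reply. It checks that the reply repeats the requested port pair and reduces the remote-supplied user name to printable ASCII before it is placed in a mail header. The function names and the 1000-byte line cap are assumptions of this example.

```python
import re

# Reply forms described above: "<ports> : USERID : <os> : <user>" or
# "<ports> : ERROR : <message>", one line terminated by CR LF.
_LINE = re.compile(rb"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*:\s*(USERID|ERROR)\s*:\s*(.*)$")
MAX_LINE = 1000  # assumed cap for this example, to bound what is read from the peer

def build_request(remote_port: int, local_port: int) -> bytes:
    """Request line: port on the queried system first, then the querier's own port."""
    for p in (remote_port, local_port):
        if not 1 <= p <= 65535:
            raise ValueError("port out of range")
    return b"%d, %d\r\n" % (remote_port, local_port)

def header_safe(user: bytes) -> str:
    """The name comes from the remote host: keep printable ASCII only, so it
    cannot carry control characters into a mail header or log line."""
    return "".join(chr(b) if 0x20 <= b <= 0x7E else "?" for b in user)

def parse_response(line: bytes, remote_port: int, local_port: int) -> dict:
    """Parse one reply and verify it repeats the port pair that was asked about."""
    if not line.endswith(b"\r\n") or len(line) > MAX_LINE:
        raise ValueError("not a single CR LF terminated line")
    body = line[:-2]
    if b"\r" in body or b"\n" in body or b"\x00" in body:
        raise ValueError("embedded line break or NUL")
    m = _LINE.match(body)
    if not m:
        raise ValueError("malformed reply")
    if (int(m[1]), int(m[2])) != (remote_port, local_port):
        raise ValueError("reply does not repeat the requested ports")
    if m[3] == b"ERROR":
        return {"ok": False, "error": header_safe(m[4].strip())}
    opsys, sep, user = m[4].partition(b":")
    if not sep:
        raise ValueError("USERID reply without a user name")
    return {"ok": True, "os": header_safe(opsys.strip()),
            "user": header_safe(user.strip())}
```

The returned user name is whatever the queried host chose to send, so it is suitable for annotation (a header or log field) rather than for authentication decisions.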
