Skip to content

Instantly share code, notes, and snippets.

@a-raccoon

a-raccoon/ident.md

Last active July 5, 2016 23:59
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save a-raccoon/5098640 to your computer and use it in GitHub Desktop.
Save a-raccoon/5098640 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ident.md

Back to Connecting.

Ident, The Identification Protocol

[12:34] -irc.paraphysics.net- *** Processing connection to irc.paraphysics.net
[12:34] -irc.paraphysics.net- *** Looking up your hostname...
[12:34] -irc.paraphysics.net- *** Checking Ident
[12:34] -irc.paraphysics.net- *** Found your hostname
* Identd request from 198.3.160.3
* Identd replied: 17074, 6697 : USERID : UNIX : johnsmith
[12:34] -irc.paraphysics.net- *** Got Ident response

(An example of an Ident request upon connecting to an IRC server using the mIRC client software)

  1. What is Ident and Identd?
  2. Why do I need it?
  3. Why is it sometimes required?
  4. How can I tell if I have an Ident?
  5. Resources

What is Ident and Identd?

Ident (or Identification Protocol, or Auth) is an early Internet standard adopted and revised in 1984 and 1985 and revised again in 1993. It provides a very basic method for an Internet server to request a client user's identity, in the form of a short userid (eg, the prefix of an email address). In practice on IRC, an Ident string can be any 1 to 10 character word picked by the user, or the computer owner, or the network administrator, or maybe their Internet service provider (ISP)... whoever intercepts the request first.

Identd (or Ident Daemon) refers to the actual software that behaves as an Ident Server which listens for, receives and answers Ident requests on TCP port 113.

Why do I need it?

Most of the time you probably won't need it. However, since you are reading this, there's a good chance you might. If you find yourself inexplicably banned or restricted from accessing an IRC network, server or channel, it may be a result of having no Ident. You may also require an Ident to utilize some network services, access bots, or participate in channel managment.

Why is it sometimes required?

Since IRC is a very basic chat protocol with limited or non-existant access controls, there is little in the way of restricting abusive users from engaging in or repeating abusive behaviors. If a user has been banned from a channel or network, usually based on their IP address, they may attempt to rejoin from a different computer using a different IP address... one that is not theirs. This may be acheived via proxy server or compromised computer acting as a middle-man for their connectivity, but they wouldn't usually have full network control over it.

Due to the nature of the Ident Protocol, it can only be accessed when it has been enabled by someone with full control over their Internet connection and the computer(s) and equipent they're using on that network. Therefor, it is implied that someone who does not have an Ident may not have full control over that network, so they may not have explicit permission or desire to access IRC from it.

By only allowing users with full network control to join, it can significantly limit the avenues of ban evasion and repeating abuse.

that allows persistant 24/7 connections

it is often times abused as a means of connecting, collecting, monitoring and controlling remote computers, often compromised and without the owner's knowledge, proxies bots zombies malware trojans

which lends to a near anonymity

since very few other computer users and network administrators enable Ident unless they are knowingly conncting to IRC.

who are also network owners capable of answering an Ident response

How can I tell if I have an Ident?

If you are already connected to an IRC server, you can use the /whois command to inspect your Ident. If you see a ~ (tilde) before the userid, that means Ident is not working properly. If no ~ is present, that means your Ident was seen by the server and you are good!

If your nickname is Johnny, you would type: /whois Johnny

Johnny is **~**johnsmith@2600.dhcp.ispglobal.net * You can call me John.

The above example has a ~ so Ident is not working properly.

Johnny is johnsmith@2600.dhcp.ispglobal.net * You can call me John.

The above example has no ~ so Ident is working properly.

Identd turned off or blocked by your firewall(s) or router. If you're connecting

Since few other Internet technologies today still use Ident, the assumption is that Ident equates to IRC usage. (xxx: move to/or mention later in a section on security and anonymity)

Resources

Authorship: Raccoon (2013)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment