Question about ident service

Discussion in 'Java' started by steen, May 23, 2010.

  1. steen

    steen Guest

    Hey,

    I got a quick question regarding java code and ident service.

    If I just do a quick Socket connection to an ftp server, like
    Socket s = new Socket("127.0.0.1", 1234);
    the ftp-server doesnt receive an ident response, but if I from a
    prompt do a
    telnet 127.0.0.1 1234
    the ftp-server does get an ident response.

    Can anyone point me to any info which can explain to me why that is
    and
    how I can get the ident response to work when connection from java
    also ?

    Thanks in advance
    Steen
    steen, May 23, 2010
    #1
    1. Advertising

  2. In article
    <>,
    steen <> wrote:

    > I got a quick question regarding java code and ident service.
    >
    > If I just do a quick Socket connection to an ftp server, like Socket
    > s = new Socket("127.0.0.1", 1234); the ftp-server doesnt receive an
    > ident response, but if I from a prompt do a telnet 127.0.0.1 1234 the
    > ftp-server does get an ident response.
    >
    > Can anyone point me to any info which can explain to me why that is
    > and how I can get the ident response to work when connection from
    > java also ?


    RFC1413 - Identification Protocol: "This is a connection based
    application on TCP."

    <http://www.faqs.org/rfcs/rfc1413.html>

    --
    John B. Matthews
    trashgod at gmail dot com
    <http://sites.google.com/site/drjohnbmatthews>
    John B. Matthews, May 23, 2010
    #2
    1. Advertising

  3. steen

    steen Guest

    On May 23, 9:37 pm, "John B. Matthews" <> wrote:

    >
    > RFC1413 - Identification Protocol: "This is a connection based
    > application on TCP."
    >
    > <http://www.faqs.org/rfcs/rfc1413.html>
    >


    Yes thats the ident protocol, but what puzzles me is that when I do a
    TCP connection
    from java, apparently it doesnt register (or whatever telnet does to
    enable ident response)
    with the ident service. If there a property I need to set or
    something ?

    To be completely explicit, what I'm doing in my program is to make a
    connection using the
    apache commons FTPSClient, and I need the ftp server to get an ident
    response because otherwise
    it will refuse my connection.

    /Steen
    steen, May 23, 2010
    #3
  4. steen

    Tom Anderson Guest

    On Sun, 23 May 2010, steen wrote:

    > On May 23, 9:37 pm, "John B. Matthews" <> wrote:
    >
    >> RFC1413 - Identification Protocol: "This is a connection based
    >> application on TCP."
    >>
    >> <http://www.faqs.org/rfcs/rfc1413.html>

    >
    > Yes thats the ident protocol, but what puzzles me is that when I do a
    > TCP connection from java, apparently it doesnt register (or whatever
    > telnet does to enable ident response) with the ident service. If there a
    > property I need to set or something ?


    Shouldn't be. The ident daemon should take care of it all. Are you making
    the java and telnet connections from the same machine? Is it possible
    there isn't an ident daemon running on the machine where the java program
    is running?

    > To be completely explicit, what I'm doing in my program is to make a
    > connection using the apache commons FTPSClient, and I need the ftp
    > server to get an ident response because otherwise it will refuse my
    > connection.


    This is slightly shocking, given that ident offers about as much security
    as crypt.

    tom

    --
    Pizza: cheap, easy, and portable. Oh, wait, that's me. Never mind. -- edda
    Tom Anderson, May 24, 2010
    #4
  5. In article
    <>,
    steen <> wrote:

    > On May 23, 9:37 pm, "John B. Matthews" <> wrote:
    >
    > > RFC1413 - Identification Protocol: "This is a connection based
    > > application on TCP."
    > >
    > > <http://www.faqs.org/rfcs/rfc1413.html>

    >
    > Yes thats the ident protocol, but what puzzles me is that when I do a
    > TCP connection from java, apparently it doesnt register (or whatever
    > telnet does to enable ident response) with the ident service. If
    > there a property I need to set or something ?


    Not one of which I'm aware.

    > To be completely explicit, what I'm doing in my program is to make a
    > connection using the apache commons FTPSClient, and I need the ftp
    > server to get an ident response because otherwise it will refuse my
    > connection.


    I assume you are using java.net.ServerSocket to implement the server.
    IIUC, such a server would have to implement RFC1413 explicitly. I don't
    know of an existing Java implementation.

    --
    John B. Matthews
    trashgod at gmail dot com
    <http://sites.google.com/site/drjohnbmatthews>
    John B. Matthews, May 24, 2010
    #5
  6. steen

    steen Guest

    On 24 Maj, 01:24, Tom Anderson <> wrote:
    > Shouldn't be. The ident daemon should take care of it all. Are you making
    > the java and telnet connections from the same machine? Is it possible
    > there isn't an ident daemon running on the machine where the java program
    > is running?

    Well the tests (the java and the telnet) are run from the same
    machine, so
    the ident daemon is running. It just wont give a response when the
    connection
    is made from java.

    > This is slightly shocking, given that ident offers about as much security
    > as crypt.


    I know, but unfortunately I have to connect to a legacy system, where
    replacing
    that is out-of-scope for my current task.

    /Steen
    steen, May 24, 2010
    #6
  7. steen

    steen Guest

    On 24 Maj, 01:36, "John B. Matthews" <> wrote:
    > Not one of which I'm aware.

    Hm, not the answer I was hoping for..;)

    > I assume you are using java.net.ServerSocket to implement the server.
    > IIUC, such a server would have to implement RFC1413 explicitly. I don't
    > know of an existing Java implementation.


    Well the server part is an old legacy system, but I would expect that
    the server
    implements RFC1413 since it gets an ident response when I connect
    using
    telnet.

    /Steen
    steen, May 24, 2010
    #7
  8. In article
    <>,
    steen <> wrote:

    > On 24 Maj, 01:36, "John B. Matthews" <> wrote:
    > > Not one of which I'm aware.

    > Hm, not the answer I was hoping for..;)
    >
    > > I assume you are using java.net.ServerSocket to implement the server.
    > > IIUC, such a server would have to implement RFC1413 explicitly. I don't
    > > know of an existing Java implementation.

    >
    > Well the server part is an old legacy system, but I would expect that
    > the server implements RFC1413 since it gets an ident response when I
    > connect using telnet.


    Is your Java client sending the correct query request to the server, as
    specified in section 4 of the RFC?

    4. QUERY/RESPONSE FORMAT

    <http://www.faqs.org/rfcs/rfc1413.html>

    --
    John B. Matthews
    trashgod at gmail dot com
    <http://sites.google.com/site/drjohnbmatthews>
    John B. Matthews, May 24, 2010
    #8
  9. steen

    steen Guest

    On May 24, 4:52 pm, "John B. Matthews" <> wrote:

    > Is your Java client sending the correct query request to the server, as
    > specified in section 4 of the RFC?
    >
    > 4. QUERY/RESPONSE FORMAT
    >
    > <http://www.faqs.org/rfcs/rfc1413.html>


    Well, I've tried to run a tcpdump on the test machine to see what goes
    on,
    and I can see that the ftp server does ask the ident-daemon for an
    ident,
    but when I connect to the server from java, the response is NO-USER.

    You can see the relevant tcpdump output here: http://pastebin.com/McJFb4nD

    The first 2 entries are when I connect to the ftp-server using telnet
    and
    the resonse is as expected.

    The last 2 entries are when I connect from java, and the response is
    NO-USER.

    Any thoughts ?

    /Steen
    steen, May 24, 2010
    #9
  10. steen

    Tom Anderson Guest

    On Mon, 24 May 2010, steen wrote:

    > On May 24, 4:52 pm, "John B. Matthews" <> wrote:
    >
    >> Is your Java client sending the correct query request to the server, as
    >> specified in section 4 of the RFC?
    >>
    >> 4. QUERY/RESPONSE FORMAT
    >>
    >> <http://www.faqs.org/rfcs/rfc1413.html>

    >
    > Well, I've tried to run a tcpdump on the test machine to see what goes
    > on, and I can see that the ftp server does ask the ident-daemon for an
    > ident, but when I connect to the server from java, the response is
    > NO-USER.
    >
    > You can see the relevant tcpdump output here: http://pastebin.com/McJFb4nD
    >
    > The first 2 entries are when I connect to the ftp-server using telnet
    > and the resonse is as expected.
    >
    > The last 2 entries are when I connect from java, and the response is
    > NO-USER.
    >
    > Any thoughts ?


    1. Try a unix and/or networking group as well as this one; i doubt this is
    a java problem per se.

    2. What user are you running the java program as? root?

    3. Does anyone have a .noident file in their home directory?

    4. What does

    netstat --inet -lp | grep $JAVA_PROGRAM_PID

    say while the connection is open? Anything weird?

    5. Has the java program sent anything over the socket at this point? Is it
    definitely still open? I wonder if identd can't work out the owner of a
    socket if it either hasn't been properly initialised yet (and there's some
    kind of lazy initialisation going on under the hood) or it's already been
    shut down.

    6. If you're on linux, try running identd under strace and looking for
    calls to sysctl - assuming you have a recent version of identd, that's how
    it retrieves information about connections. If you're not, then there
    should be some other combination of tracer and system call that does the
    equivalent. There may be something in the output from that that indicates
    why it doesn't spill the beans on the java program's connection.

    tom

    --
    For the first few years I ate lunch with he mathematicians. I soon found
    that they were more interested in fun and games than in serious work,
    so I shifted to eating with the physics table. There I stayed for a
    number of years until the Nobel Prize, promotions, and offers from
    other companies, removed most of the interesting people. So I shifted
    to the corresponding chemistry table where I had a friend. At first I
    asked what were the important problems in chemistry, then what important
    problems they were working on, or problems that might lead to important
    results. One day I asked, "if what they were working on was not important,
    and was not likely to lead to important things, they why were they working
    on them?" After that I had to eat with the engineers! -- R. W. Hamming
    Tom Anderson, May 24, 2010
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Erik Max Francis
    Replies:
    0
    Views:
    341
    Erik Max Francis
    Sep 27, 2003
  2. Erik Max Francis
    Replies:
    0
    Views:
    331
    Erik Max Francis
    Oct 22, 2003
  3. malachi
    Replies:
    0
    Views:
    534
    malachi
    Mar 23, 2005
  4. Alexander Kozlovsky

    dict!ident as equivalent of dict["ident"]

    Alexander Kozlovsky, May 21, 2006, in forum: Python
    Replies:
    5
    Views:
    348
    Alexander Kozlovsky
    May 22, 2006
  5. WTH
    Replies:
    1
    Views:
    158
Loading...

Share This Page