1 files changed, 70 insertions, 0 deletions
diff --git a/informationals/teso-i0021.txt b/informationals/teso-i0021.txt
new file mode 100644
index 0000000..b421fb8
--- /dev/null
+++ b/informationals/teso-i0021.txt
@@ -0,0 +1,70 @@
+0021 2000/04/15  pidentd VERSION Linux distribution fingerprinting
+==== TESO Informational =======================================================
+This piece of information is to be kept confidential.
+===============================================================================
+Description ..........: pidentd VERSION Linux distribution fingerprinting
+Date .................: 2000/04/15 17:00
+Author ...............: scut
+Publicity level ......: known
+Affected .............: identd daemons
+Type of entity .......: method to obtain information
+Type of discovery ....: useful information
+Severity/Importance ..: low
+Found by .............: version infos by TESO people
+===============================================================================
+There are lots of different Linux distributions, and although you can often
+determine the distribution used from their banners, such as the telnet banner
+or the HTTP Server response field, it is difficult to determine the
+distribution from a hardened Linux box. They often only have SSH and identd
+enabled.
+However, most people don't know about the identd "VERSION" request, where the
+most popular ident daemon used by almost every Linux distribution, the pidentd,
+answers with it's own version number and compile time.
+Here is a list compiled through the help of TESO and friends, that will help
+you to determine the distribution remotely. Thanks go out to all the people
+that send in those lines :-)
+To get the version, just do:
+(echo VERSION ; sleep 2) | telnet localhost 113
+Please mail new distribution and identd version information to
+scut@nb.in-berlin.de, so I can keep this list up to date.
+0 , 0 : X-VERSION : <text>
+<text>                                                       Distribution
+------------------------------------------------------------ ------------------
+2.6.1 (Compiled: 17:21:18 Jul  2 1998)                       Debian 2.0
+2.6.1 (Compiled: 17:47:13 Feb 13 1999)                       Debian 2.1
+2.5.1                                                        DLD 5.41 Pro
+pidentd 3.0.7 for Linux 2.2.13-22 (Nov  7 1999 00:18:10)     Halloween 4
+INVALID-PORT                                                 SlackWare 4
+2.8.3 (Compiled: 00:36:16 Oct 22 1999)                       SlackWare 7
+2.7.4 (Compiled: 06:11:54 Aug 22 1998)                       SuSE 5.3
+2.7.4 (Compiled: 13:20:35 Dec 14 1998)                       SuSE 6.0
+2.7.4 (Compiled: 06:22:26 Apr 15 1999)                       SuSE 6.1
+2.7.4 (Compiled: 13:22:44 Jul 23 1999)                       SuSE 6.2 EVAL
+2.7.4 (Compiled: 17:09:12 Aug 22 1999)                       SuSE 6.2
+pidentd 3.0.7 for Linux 2.2.10 (Nov  8 1999 20:30:25)        SuSE 6.3
+pidentd 3.1a14 for Linux 2.2.14 (Mar 24 2000 22:28:31)       SuSE 6.4
+UNKNOWN-ERROR                                                RedHat 5.2
+2.8.3 (Compiled: 22:18:25 Jan 27 1999)                       RedHat 6.0 Publish
+2.8.5 (Compiled: 22:13:48 Mar 21 1999)                       RedHat 6.0
+pidentd 3.0.7 for Linux 2.2.5-22smp (Sep 13 1999 20:16:57)   RedHat 6.1
+pidentd 3.0.10 for Linux 2.2.5-22smp (Feb 22 2000 16:14:21)  RedHat 6.2
+0 , 0 : ERROR : INVALID-PORT                                 Stampede Linux
+------------------------------------------------------------ ------------------
+Also, the 3.* versions of the pidentd daemon respond to case mixed VERSION
+requests, such as "vERSION", while the 2.* versions need a case fixed "VERSION"
+request and otherwise doesn't recognize it as a command.
+===============================================================================

diff --git a/informationals/teso-i0021.txt b/informationals/teso-i0021.txt new file mode 100644 index 0000000..b421fb8 --- /dev/null +++ b/informationals/teso-i0021.txt
@@ -0,0 +1,70 @@
	1	0021 2000/04/15 pidentd VERSION Linux distribution fingerprinting
	2
	3	==== TESO Informational =======================================================
	4	This piece of information is to be kept confidential.
	5	===============================================================================
	6
	7	Description ..........: pidentd VERSION Linux distribution fingerprinting
	8	Date .................: 2000/04/15 17:00
	9	Author ...............: scut
	10	Publicity level ......: known
	11	Affected .............: identd daemons
	12	Type of entity .......: method to obtain information
	13	Type of discovery ....: useful information
	14	Severity/Importance ..: low
	15	Found by .............: version infos by TESO people
	16
	17	===============================================================================
	18
	19	There are lots of different Linux distributions, and although you can often
	20	determine the distribution used from their banners, such as the telnet banner
	21	or the HTTP Server response field, it is difficult to determine the
	22	distribution from a hardened Linux box. They often only have SSH and identd
	23	enabled.
	24
	25	However, most people don't know about the identd "VERSION" request, where the
	26	most popular ident daemon used by almost every Linux distribution, the pidentd,
	27	answers with it's own version number and compile time.
	28
	29	Here is a list compiled through the help of TESO and friends, that will help
	30	you to determine the distribution remotely. Thanks go out to all the people
	31	that send in those lines :-)
	32
	33	To get the version, just do:
	34
	35	(echo VERSION ; sleep 2) \| telnet localhost 113
	36
	37	Please mail new distribution and identd version information to
	38	scut@nb.in-berlin.de, so I can keep this list up to date.
	39
	40	0 , 0 : X-VERSION : <text>
	41
	42	<text> Distribution
	43	------------------------------------------------------------ ------------------
	44	2.6.1 (Compiled: 17:21:18 Jul 2 1998) Debian 2.0
	45	2.6.1 (Compiled: 17:47:13 Feb 13 1999) Debian 2.1
	46	2.5.1 DLD 5.41 Pro
	47	pidentd 3.0.7 for Linux 2.2.13-22 (Nov 7 1999 00:18:10) Halloween 4
	48	INVALID-PORT SlackWare 4
	49	2.8.3 (Compiled: 00:36:16 Oct 22 1999) SlackWare 7
	50	2.7.4 (Compiled: 06:11:54 Aug 22 1998) SuSE 5.3
	51	2.7.4 (Compiled: 13:20:35 Dec 14 1998) SuSE 6.0
	52	2.7.4 (Compiled: 06:22:26 Apr 15 1999) SuSE 6.1
	53	2.7.4 (Compiled: 13:22:44 Jul 23 1999) SuSE 6.2 EVAL
	54	2.7.4 (Compiled: 17:09:12 Aug 22 1999) SuSE 6.2
	55	pidentd 3.0.7 for Linux 2.2.10 (Nov 8 1999 20:30:25) SuSE 6.3
	56	pidentd 3.1a14 for Linux 2.2.14 (Mar 24 2000 22:28:31) SuSE 6.4
	57	UNKNOWN-ERROR RedHat 5.2
	58	2.8.3 (Compiled: 22:18:25 Jan 27 1999) RedHat 6.0 Publish
	59	2.8.5 (Compiled: 22:13:48 Mar 21 1999) RedHat 6.0
	60	pidentd 3.0.7 for Linux 2.2.5-22smp (Sep 13 1999 20:16:57) RedHat 6.1
	61	pidentd 3.0.10 for Linux 2.2.5-22smp (Feb 22 2000 16:14:21) RedHat 6.2
	62	0 , 0 : ERROR : INVALID-PORT Stampede Linux
	63	------------------------------------------------------------ ------------------
	64
	65	Also, the 3.* versions of the pidentd daemon respond to case mixed VERSION
	66	requests, such as "vERSION", while the 2.* versions need a case fixed "VERSION"
	67	request and otherwise doesn't recognize it as a command.
	68
	69	===============================================================================
	70