I keep getting these in my /var/log/messages:

Dec 11 14:32:49 li3-194 identd[11257]: request_thread: read(10, ..., 1023) failed: Connection reset by peer
Dec 11 14:33:28 li3-194 identd[11263]: request_thread: read(9, ..., 1023) failed: Connection reset by peer
Dec 11 14:34:08 li3-194 identd[11266]: request_thread: read(9, ..., 1023) failed: Connection reset by peer
Dec 11 14:35:48 li3-194 identd[11275]: request_thread: read(9, ..., 1023) failed: Connection reset by peer
Dec 11 14:37:12 li3-194 identd[11282]: request_thread: read(9, ..., 1023) failed: Connection reset by peer
Dec 11 14:38:13 li3-194 identd[11290]: request_thread: read(9, ..., 1023) failed: Connection reset by peer

Is this the effect of having 300 in your tcp timeout time?

-Ashen

Probably not. "Connection reset by peer" implies that the far end is closing the connection. However, since identd is a completely pointless protocol these days, you can probably just disable the daemon. (Or do some IRC servers still require it? If so, someone needs to cluebat them...)

_________________
The irony is that Bill Gates claims to be making a stable operating system and Linus Torvalds claims to be trying to take over the world.
-- seen on the net

Alot of them do, not including mine-because alot of the spambots and other fodder (ddos botnets) use servers that don't have ident installed, simply because they are hijacked connections.

Requiring ident doesn't block them all, but does block most of them. Most insecure proxies used for abuse on IRC (flood attacks, etc) don't have ident either and are blocked for the same purpose.

I don't block them simply because its easier to deny them access to the network by akilling them. May have to eventually though if it gets bad enough. Most 'major' networks do require ident however. Dalnet is a good example. Most of them DO check for ident though, but if you don't have it, after a few seconds pause, will let you on, but put a ~ in front of your hostmask to indicate ident failed.

_________________
--
U
irc.foreverchat.net Founder

Well, that makes a little sense, I guess, but only for a little while. It won't be long before the bots start responding to ident requests.


That, OTOH, is completely pointless. The contents of an ident response are meaningless. I can make the ident service on my machine say anything I want it to. The ident protocol was invented when people didn't have their own internet connections and run their own services. Nowadays, it don't mean diddly squat.

_________________
The irony is that Bill Gates claims to be making a stable operating system and Linus Torvalds claims to be trying to take over the world.

-- seen on the net

I guess the general consensus is that, yes, you could easily make your ident server say whatever it wants, but most of the spammers and pests on IRC don't bother with ident, which makes a ~*!*@* ban valueable to some networks to eliminate some of the issues, is all.

I guess the reason why it works is because most of the bad stuff comes from boxes that have been exploited, and the installation of ident on that box would likely draw attention to the fact its been exploited perhaps..... who knows.

I don't personally do it on my network because I don't think it stops much, but some networks do. They have various reasons, I guess.

_________________
--

U

irc.foreverchat.net Founder

Getting back to the problem at hand, does anyone have any ideas how to fix
this? I get it on pretty much any irc server I connect to... surely it's a bug some
where in my system, rather then all the other servers all being broken?

-Ashen

Ok I've fixed this myself.

The problem was I'd set the identd to return 'OTHER' instead of 'UNIX'
as the O/S, and most irc networks don't like this, so they started giving my
identd the cold shoulder.

A simple edit of /etc/identd.conf and service identd restart
fixed it.

-Ashen