Quoting Steve Siegfried (sos at zjod.net):
> 
> Folks,
> 
> Started using tcplog after a crack-in attempt recently and have notices that
> TCLUG email list has wierd sender addresses listed for the smtp access
> connection lines in the log.

I actually encrypt the identd identification of processes and whom they run as
for privacy reasons. Normally, if there is an incident, I can email me the
"junk" that identd returns and I can apply my private key and decrypt the
message and find out what user/account is being identified.

The encrypt of identd doesn't system privledged accounts any different then
normal users.

-- 
Bob Tanner <tanner at real-time.com>       | Phone : (952)943-8700
http://www.mn-linux.org                 | Fax   : (952)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9