# 113 - Ident

Ident, also known as the **Identification Protocol**, typically runs on TCP port `113`. It is a legacy protocol that was originally designed to identify the user of a particular TCP connection on Unix-based systems. **When a connection is made to a service, that service can query the ident service on the client’s machine to retrieve the username of the process that initiated the connection**. This response is based on the source and destination ports involved in the TCP session.

Although the intention behind ident was to provide accountability and logging capabilities, the protocol poses several security concerns. It often exposes unnecessary information about the system, such as internal usernames, which can aid in user enumeration during reconnaissance. Additionally, the service itself has limited security features and is generally considered obsolete in modern environments.

Usernames can be enumerated with the [`ident-user-enum`](https://www.kali.org/tools/ident-user-enum/) utility:

```bash
ident-user-enum <target-IP> <target-port>
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://x7331.gitbook.io/boxes/services/tcp/113-ident.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.