You'll likely have to work with your ISP to find THAT process; most of them should be helpful enough. You are trying to discover which machine is responding to port 113 (IDENTd or AUTH) requests on your mIRC's behalf. mIRC, itself, normally responds to these requests. However, I did not see anything in your post to indicate that you were the one responding. Go to:
- Alt-O (Options)
- Make sure that all of those check boxes are checked except for the last one.
- Leave the System set to UNIX and the port set to 113.
You should see something like:
- Identd request from 126.96.36.199
- Identd replied: 2576, 6667 : USERID : UNIX : Hammer
That means that the server I'm connecting to at that (faked example) IP wants to know if I am who I say I am on the port I say I'm using. mIRC responds saying it is connecting from local port 2576 to remote port 6667 on the server (at 188.8.131.52) using a UNIX system and a username of Hammer.
If you do not see something like the above (and I doubt that you will), then your mIRC is not seeing the IDENTd request at all. There can be many reasons for this, such as having a router or a firewall that are not forwarding the request to your computer. However, that's not the problem in this case because someone
is responding on your behalf. If you are on a network that uses ICS then perhaps the ICS host is responding to the IDENTd request for everyone on the network. If you are logging into the server through a shell/BNC type of thing, then it's possible or even likely that that
machine is responding to the request in your behalf. Someone
between you and the server you are trying to connect to is intervening and sending a 34-character userid (limited to 10 characters on IRC server including the ~ if the AUTH request fails) that doesn't belong to you.
The computer that is proxying your IDENTd will obviously be somewhere between you and the IRC server, but only up to and including your ISP. Although providers have been known to firewall their clients ports for them, it would be quite unusual for them to actually proxy an AUTH request. More likely, a computer on your home network or perhaps another process running on your own machine is capturing the request and responding before your mIRC can.Your
task is to find that machine or process and either disable it, kill it, burn it, destroy it, or at least chastise it severely. Good luck.
References (for those that are interested in the details):
1. Possible system names
2. identd/auth RFC