Suggestion for improved identD
Ehud Gavron
GAVRON at ACES.COM
Tue May 19 22:36:43 UTC 1998
Suggestion: PPP access devices intercept identD requests
and return the authenticated access string.
Reasoning: Modern ``stacks'' used by end-users -- especially
those on throwaway accounts, fake any identD response.
This makes tracking those people tougher.
Methods: 1: identD v2, new port, intercepted by access devices
which support it.
2: modification to hosts requirement RFCs, making
access devices responsible for intercepting identD
requests to their PPP clients.
3: a security RFC ``suggesting'' 1 or 2
Thoughts appreciated, as are comments, flames, blames, and anything
of some content.
Ehud
gavron at aces.com
p.s. new beta traceroute at ftp.aces.com cd pub/software/traceroute/beta
More information about the NANOG
mailing list