Suggestion for improved identD

Ehud Gavron GAVRON at ACES.COM
Tue May 19 22:36:43 UTC 1998


Suggestion:	PPP access devices intercept identD requests
		and return the authenticated access string.

Reasoning:	Modern ``stacks'' used by end-users -- especially
		those on throwaway accounts, fake any identD response.
		This makes tracking those people tougher.

Methods:	1: identD v2, new port, intercepted by access devices
		   which support it.

		2: modification to hosts requirement RFCs, making
		   access devices responsible for intercepting identD
		   requests to their PPP clients.

		3: a security RFC ``suggesting'' 1 or 2

Thoughts appreciated, as are comments, flames, blames, and anything
of some content.

Ehud
gavron at aces.com

p.s. new beta traceroute at ftp.aces.com  cd pub/software/traceroute/beta




More information about the NANOG mailing list