Suggestion for improved identD
Daniel Reed
djr at narnia.n.ml.org
Wed May 20 00:05:21 UTC 1998
On Tue, 19 May 1998, Ehud Gavron wrote:
) Suggestion: PPP access devices intercept identD requests
) and return the authenticated access string.
So, what you're suggesting is that all PPP users will automatically have
ident queries handled for them by their ISP? Thanks, but I think I'd
rather not. There are definitely some sites on the Internet that run their
own proper identd and are connected to the Internet via a dialup PPP
connection. The explosive growth of the Linux operating system, among
other factors, accounts for this truth. I just fail to see how
establishing an upstream-regulated ident request would be beneficial to
anyone in any way--surely you aren't suggesting this be used as opposed to
dialin records for tracking down specific users when they're abusive,
right?
) Reasoning: Modern ``stacks'' used by end-users -- especially
) those on throwaway accounts, fake any identD response.
) This makes tracking those people tougher.
I fail to see how tracking them becomes harder. As I stated above,
tracking based on host name coupled with dialin logs would be far
better--unless every ISP implements this, there will always be some
[ab]user who is able to create their own ident reply, which would weaken
the effectiveness of upstream-controlled ident replies.
--
Daniel Reed <n at ml.org> (ask me for my PGP key)
Artificial Intelligence stands no chance against Natural Stupidity
More information about the NANOG
mailing list