Suggestion for improved identD

Daniel Reed djr at narnia.n.ml.org
Wed May 20 00:05:21 UTC 1998


On Tue, 19 May 1998, Ehud Gavron wrote:
) Suggestion:	PPP access devices intercept identD requests
) 		and return the authenticated access string.
So, what you're suggesting is that all PPP users will automatically have
ident queries handled for them by their ISP? Thanks, but I think I'd
rather not. There are definitely some sites on the Internet that run their
own proper identd and are connected to the Internet via a dialup PPP
connection. The explosive growth of the Linux operating system, among
other factors, accounts for this truth. I just fail to see how
establishing an upstream-regulated ident request would be beneficial to
anyone in any way--surely you aren't suggesting this be used as opposed to
dialin records for tracking down specific users when they're abusive,
right?

) Reasoning:	Modern ``stacks'' used by end-users -- especially
) 		those on throwaway accounts, fake any identD response.
) 		This makes tracking those people tougher.
I fail to see how tracking them becomes harder. As I stated above,
tracking based on host name coupled with dialin logs would be far
better--unless every ISP implements this, there will always be some
[ab]user who is able to create their own ident reply, which would weaken
the effectiveness of upstream-controlled ident replies.

--
Daniel Reed <n at ml.org> (ask me for my PGP key)
Artificial Intelligence stands no chance against Natural Stupidity




More information about the NANOG mailing list