question regarding US requirements for journaling public email (possible legislation?)

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Jan 5 22:00:15 CST 2012


On Fri, 06 Jan 2012 09:11:30 +0530, Suresh Ramasubramanian said:
> I would love to ask the EFF just what you do when you don't log stuff,
> and then need to troubleshoot someone causing a DDoS or something from
> your network in a hurry.

What John actually said:
> OSPs cannot be forced to provide data that does not exist. EFF suggests
> that OSPs draft an internal policy that states that they collect only
> limited information and do not retain any logs of user activity on their
> networks for more than a few weeks.

You need to track down a miscreant user *right now*? You got the last 48 hours
of logs right at hand.  It's been a week? Meh, if somebody's been getting hit by
a DDoS for a week and is just now calling you, the fact they have a DDoS is the
least of their problems. Toss the logs. :)

> Not that I'd get any sort of a useful answer from them, beyond random
> propaganda that spam filtering is evil, DPI is demoniacal etc etc.

Might want to go and actually read https://www.eff.org/wp/osp
before you say that. The PDF version runs to about 15 pages of detailed
and useful info for an OSP.;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120105/4f9eac4b/attachment.bin>


More information about the NANOG mailing list