Educause Security Discussion mailing list archives

Re: PAT address user identification: methods?

From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Thu, 26 Jan 2006 15:01:58 -0600

With Pixen, if you log traps at debugging level, your syslog server will
collect information about per-translation connections.  Obviously, this
is a whale of a lot of informatio, and there's a lot of other noise that
comes along.  We suppress certain message numbers when we run debugging
for the purposes of support NAT/PAT trackback.

In almost all circumstances, this gives us abough information to work
back on a RIAA or other external complaint.

Yes, our syslog sink is *immense*.

    -jml

bcotter () POP UKY EDU 2006-01-26 13:34:26 >>>

 [ snip ]

For those of you who use PAT'ing extensively and log transactions,
what methods/technologies have you employed to track user identity,
AND provide an accurate results?

Thanks,

Bill Cotter
UK IT Security

Current thread:

PAT address user identification: methods? Bill Cotter (Jan 26)
- <Possible follow-ups>
- Re: PAT address user identification: methods? John Ladwig (Jan 26)
- Re: PAT address user identification: methods? Tristan RHODES (Jan 27)
- Re: PAT address user identification: methods? Gary Flynn (Jan 27)
- Re: PAT address user identification: methods? Graham Toal (Feb 07)