Re: Suggestion for improved identD

[Daniel Reed <djr () narnia n ml org>]

On Tue, 19 May 1998, Ehud Gavron wrote:
) Suggestion:   PPP access devices intercept identD requests
)               and return the authenticated access string.
So, what you're suggesting is that all PPP users will automatically have
ident queries handled for them by their ISP? Thanks, but I think I'd
rather not. There are definitely some sites on the Internet that run their
own proper identd and are connected to the Internet via a dialup PPP
connection. The explosive growth of the Linux operating system, among
other factors, accounts for this truth. I just fail to see how
establishing an upstream-regulated ident request would be beneficial to
anyone in any way--surely you aren't suggesting this be used as opposed to
dialin records for tracking down specific users when they're abusive,
right?

) Reasoning:    Modern ``stacks'' used by end-users -- especially
)               those on throwaway accounts, fake any identD response.
)               This makes tracking those people tougher.
I fail to see how tracking them becomes harder. As I stated above,
tracking based on host name coupled with dialin logs would be far
better--unless every ISP implements this, there will always be some
[ab]user who is able to create their own ident reply, which would weaken
the effectiveness of upstream-controlled ident replies.

--
Daniel Reed <n () ml org> (ask me for my PGP key)
Artificial Intelligence stands no chance against Natural Stupidity