Suggestion for improved identD

Ehud Gavron writes:

Suggestion: PPP access devices intercept identD requests
  and return the authenticated access string.

Reasoning: Modern ``stacks'' used by end-users -- especially
  those on throwaway accounts -- fake any identD response.
  This makes tracking those people tougher.

Methods: 1: identD v2, new port, intercepted by access devices
            which support it.

         2: modification to hosts requirement RFCs, making
            access devices responsible for intercepting identD
            requests to their PPP clients.

         3: a security RFC ``suggesting'' 1 or 2

Thoughts appreciated, as are comments, flames, blames, and anything
of some content.

I've done this for a couple of internet providers in Western Australia,
either by using transparent proxying under Linux (one used a Linux term
server) or with a route-map to a *nix box on a Cisco.

There are a few privacy issues too - if you want to see who is online,
you just send out ident requests to all dialup lines, and the 'real' idents
are returned. One Perth ISP fixed this by using a hash of the username.
That fixes IRC bans (so they can just ban *!*hash@*isp.com.au), and if
someone wants to track a user down, they ring the ISP and hand over the
hash.

Adrian
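The hashed-ident scheme Adrian describes, worked through as an added example (this is not Adrian's code, nor that of any ISP mentioned in the thread). It assumes the access device holds a table of which authenticated username is on which dialup address, answers RFC 1413-style queries (`<server-port> , <client-port>`) on the client's behalf, and returns a token in place of the real username. Two choices here are the example's own, not the post's: the token is a keyed HMAC-SHA256 rather than a plain hash, because an unkeyed hash of a username can be recomputed by anyone holding a list of likely usernames, and it is truncated to 10 hex characters so it fits IRC's short user field. The session table, key and addresses are constructed sample values.

```python
import hmac
import hashlib
from typing import Dict, Optional, Tuple

# Constructed example: an ISP-side secret used to key the hash. A plain
# hash would let anyone with a username list recompute every token; with a
# keyed hash only the holder of the key (the ISP) can map tokens back.
ISP_KEY = b"constructed-example-key-rotate-in-practice"

# Constructed example: the access device's PPP session table,
# dialup address -> authenticated username.
SESSIONS: Dict[str, str] = {
    "10.0.0.42": "jsmith",
    "10.0.0.43": "adrian",
}

TOKEN_LEN = 10  # assumption: keep the ident short enough for IRC user fields


def ident_token(username: str, key: bytes = ISP_KEY) -> str:
    """Pseudonymous ident for a username: truncated hex of HMAC-SHA256."""
    mac = hmac.new(key, username.encode("utf-8"), hashlib.sha256).hexdigest()
    return mac[:TOKEN_LEN]


def parse_ports(request: str) -> Optional[Tuple[int, int]]:
    """Parse an RFC 1413 query '<server-port> , <client-port>'.

    Returns (server_port, client_port), or None if malformed or out of range.
    """
    parts = request.strip().split(",")
    if len(parts) != 2:
        return None
    try:
        server_port, client_port = (int(p.strip()) for p in parts)
    except ValueError:
        return None
    if not (1 <= server_port <= 65535 and 1 <= client_port <= 65535):
        return None
    return server_port, client_port


def handle_request(request: str, client_ip: str,
                   sessions: Dict[str, str] = SESSIONS,
                   key: bytes = ISP_KEY) -> str:
    """Answer one ident query on behalf of the PPP client at client_ip.

    Response shapes follow RFC 1413: 'ports : USERID : opsys : id' on
    success, 'ports : ERROR : type' otherwise. Echoing '0 , 0' for a
    malformed query is this example's choice.
    """
    ports = parse_ports(request)
    if ports is None:
        return "0 , 0 : ERROR : INVALID-PORT"
    server_port, client_port = ports
    username = sessions.get(client_ip)
    if username is None:
        return f"{server_port} , {client_port} : ERROR : NO-USER"
    token = ident_token(username, key)
    return f"{server_port} , {client_port} : USERID : UNIX : {token}"


def resolve_token(token: str, sessions: Dict[str, str] = SESSIONS,
                  key: bytes = ISP_KEY) -> Optional[str]:
    """ISP-side lookup: map a token from an abuse report back to the user."""
    for username in set(sessions.values()):
        if hmac.compare_digest(ident_token(username, key), token):
            return username
    return None


if __name__ == "__main__":
    reply = handle_request("6193, 23", "10.0.0.42")
    print(reply)
    print("resolves to:", resolve_token(reply.rsplit(":", 1)[1].strip()))
```

Note what this does and does not fix: the token hides the real username from anyone who queries the line, and the ISP can still reverse it on request, which is the property Adrian's Perth ISP wanted. It does not stop the "who is online" sweep itself, since a dialup address with an active session still answers USERID rather than NO-USER; hiding presence would need the device to answer HIDDEN-USER or not at all for users who opt out.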

Plus, for some applications it doesn't matter. One of the biggest applications
of identd is for IRC, and the IRC model is broken. For example,
amethyst.nstc.com, my home PC running Linux, HAS a working identd. But
although Efnet IRC servers always recognize it, DALnet servers never do.
(Hey, Mr. Nielsen, fix your servers. :)