[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Detweiler abuse again
[email protected] (Eric Hughes) writes:
>
> >I'm not sure Eric's idea about connecting via sockets would eliminate all
> >possibilities of logging.
>
> I did not mean to imply this. Using daemons would get rid of the
> _default_ loging that occurs on systems. Changing logging from
> opt-out to opt-in would make a large practical difference right now.
Using a remailer daemon on a well-known port (777, anyone?) would only
result in defeating logging that is done via SMTP-agents like sendmail.
It is still possible for the sysadmin on the host to do a TCP-wrapper
log which logs the connection to the remailer from the originator.
Again, this only provides IP address information, which makes it easy
to hide if the originator comes from a machine like netcom or the well.
> This was exactly my point in a previous article. An email address
> identifies both a machine and a user, where an IP connection (e.g.
> telnet) only reveals the machine. Now if the sysadmin of the
> originating machine logs and shares information with the destination
> machine, the user can be identified. But again, this is an opt-in
> monitoring system.
Yes... also the remailer daemon could do opt-in monitoring of both ends
of it's connections... Full accountability could be possible, but only
with the complicity of everyone in the path...
Jon Boone | PSC Networking | [email protected] | (412) 268-6959 | PGP Key # B75699
PGP Public Key fingerprint = 23 59 EC 91 47 A6 E3 92 9E A8 96 6A D9 27 C9 6C