Your staff will still get a ton of complaints. If these can be parsed by a script that looks for virus / trojan strings in the complaint,extracts the IP (or has your NOC dude just click the IP in his ticketing system, like in RT + IRTT) and the account just goes away - then fine.
So you want a major ISP to simply automatically disable accounts of its users based only on automated detection of an IP address and timestamp in something that APPEARS to be a complaint to an automated script? Do you want to start a pool to see how long it will take before the dictionary complaints start rolling in once such a system becomes publicly known? There is a reason why there are humans (overworked, unfortunately) handling abuse complaints. Make it easy, sure...but make it easy for the human to be able to properly inspect the complaint to see if it's legitimate BEFORE doing anything. But to the original issue of accountability. If an ISP can't write a simple tool to take an IP address & timestamp and spit out a username from radius logs, how do you expect them to implement a hash-based rdns tagging system? Steve ---- Steve Birnbaum SkyVision Global Networks Phone: +44 20 83871750 Email: steve.birnbaum@sky-vision.net Note that it is never the fall that kills, it's the landing.