Jon Lewis writes:
On Tue, 19 May 1998, Ehud Gavron wrote:
Suggestion: PPP access devices intercept identD requests and return the authenticated access string.
Thoughts appreciated, as are comments, flames, blames, and anything of some content.
Not every dialup connection is a single end luser on a win95 box. What about ISDN connections where there's a whole network of real computers and different users (on each computer)? How does the NAS decide which connections to intercept for and which not to? Even if you knew the username, what good will it do you 1000 miles away? Those providers who care can fine the user if you tell them the IP and time of day. Those who don't care won't care if you tell them "I was spammed by abc123@yournets.net".
Its more of blocking services. When I implemented the forced ident setup, if a user had a static IP, then the ident was passed through. Only if they were a dynamic IP dialup client would the ident be forced. The idea here is not to provide a username. Its to provide a method of identifying a dialup user, in a way that doesn't change with each login. Since most things already query ident, then why not go this path and make ident 'trusted' on dynamic IP NAS connections? Adrian