John Scrivner wrote:

> I think most people here track who has what address. Otherwise how could
> you possibly run your network? What they likely do not do is keep logs
> of who had what address three years ago.

Y'know, boss, I could add that to our in-house IP tracking system if you
like. :)

Since Scriv often tells me to do things like that, let's look at this
from a practical standpoint.

Our ISP presently uses static IPs for just about everything, which at
least means the recordkeeping is minimal. (We just stick everything in a
very tiny database - it could easily be a flat-file, or even a big
spreadsheet, as relatively simple as it is.) Adding history entries
would probably take me half an hour, maybe a full hour if I want to
really debug the Hell out of it. If you're a small outfit, that's not
honestly all that complicated.

Now, let's say you're a bit bigger outfit, with, say, five thousand
broadband customers. That's certainly too big to manage your IP space by
hand, but still small enough that you can say you're a "small business"
with that many customers. At that point, you'll certainly have automated
things somewhat, probably with a couple RADIUS servers for customer
authorization and a few DHCP servers. The way I'd do it, honestly, is
probably with a DHCP server at each tower location or POP. Your records
are now quite a bit more decentralized, and to comply with these
requirements, you'll need some kind of automatic log-scraping, or a
centralized logging server, or something.

That's another server (or several servers, if you do things like with
redundancy) you've got to buy, and that your sysop has to maintain. More
spare parts you'll have to keep on the shelf in case one of them goes
pear-shaped. More data you have to ensure is properly backed up. And so
on and so on.

Granted, most of this can probably be put together for just a few
thousand dollars, but that's a few thousand dollars that many smaller
business owners might not have.

> This never happens so the issue is how long should we have to keep this
> log information? Should we have to keep it at all? Should we simply use
> DNS to assign names to addresses for all users which are kept up to date
> then by us? (Names of customers as "A" records for all IPs)

That's an awesomely bad idea, for privacy reasons. I really wouldn't
want the whole world to have access to my name, just by digging up
emails I sent them, and seeing that the headers show the email
originated from "" or something like that.

Also, it'd be a real hassle to set that DNS thing up, boss. :)

> Let's look at a rights basis then. Should people who use a "public"
> Internet be able to be anonymous via the connection of their ISP?

I don't see why not. The Internet is, in that regard, very parallel to
the existing phone system. Every Web page you visit, or every email you
send, will have some numbers that identify you in a pseudonymous manner
(IP addresses), just like phone calls now carry caller ID. The
information is there if you want it, but many people don't use it. (A
lot of folks still don't have a caller ID box, and most folks don't know
how to read email headers.)

If you take a bit of effort to obscure your identity, you can do so.
(There are anonymous remailers and anonymizing Web proxies, and there's
a code you can dial on your phone to block caller ID information.)

Back in college, I ran an anonymous remailer. It may be time to start it
up again...

David Smith
WISPA Wireless List:



Reply via email to