Announce: "secret-admirers" mail list(usenet)
Eric Murray
ericm at lne.com
Sat Dec 16 11:24:25 PST 2000
On Sat, Dec 16, 2000 at 12:26:45PM -0500, madmullah wrote:
>
> Regarding anonymous Usenet reading (vs. posting),
> what kind of logging do most nntpd's perform ?
>
> I've never had the opportunity to setup nntp daemon softwarez
> so I have nada idea as to the level of default logging that they
> perform by default, or how they can be tweaked further.
By default they perform all the default logging....
> Is it possible to log HEAD and BODY requests for individual articles in
> individual newsgroups along
> with a userid on the clients end ? Worse, can the ip address of the
> client newsreader software be logged
> along with its individual nntp commands ?
Yes, it can be. I used to have a script which parsed nntpd
logs to watch an individual's browsing (individual host that is).
With access to the dialup/radius database, the ISP could match
the IP to the account and thus to the real name.
The same info can be obtained for email on an ISP via POP/IMAP logging
combined with the sendmail logs (and looking at the emails in the queue
to get the content).
Fortunately most ISPs don't have the time to do this just for fun,
unfortunately a lot of them would do it if requested to do so by police.
Only by running your own mail or news server can you prevent the
ISP from monitoring your email or news reading.
--
Eric Murray Consulting Security Architect SecureDesign LLC
http://www.securedesignllc.com PGP keyid:E03F65E5
More information about the cypherpunks-legacy
mailing list