Announce: "secret-admirers" mail list(usenet)

[BMM]

On Sat, 16 Dec 2000, madmullah wrote:

> Regarding anonymous Usenet reading (vs. posting), 
> what kind of logging do most nntpd's perform ?
>

Servers probably by default log whetever authentication is required to
access them, ie. an IP address where there's an ACL by IP or a username
where a USERAUTH is required.

> I've never had the opportunity to setup nntp daemon softwarez 
> so I have nada idea as to the level of default logging that they 
> perform by default, or how they can be tweaked further.

The News administrator may log as much or as little as he chooses.  This
is why others have suggested one read read news from a server or one has
control over.  A caching proxy configured correctly would be the next best
thing.

> Is it possible to log HEAD and BODY requests for individual articles in
> individual newsgroups along 
> with a userid on the clients end ?  Worse, can the ip address of the
> client newsreader software be logged
> along with its individual nntp commands ?
> 
> What I'm thinking about is that there might be a massive potential for 
> piercing a users anonymity through the examination of such logs, but
> since
> I don't know what kind of logging the major news server packages perform
> by default 
> I don't know how much of a threat this type of scenario would be.
>

Managing a news feed is neat experience to have done once, but I don't
think I'd want to make a career out of it.  Popular server packages go a
long way toward reducing the administrative burden, including allowing the
administrator to tweak logging up or down as he deems appropriate.
 
> Any news gurus out there ?
> Forgive me for the amateurish sound of this message, I think that these
> issues are sort of germane 
> the larger set of anonymity issues associated with usenet.
> 

Thanks,

-Brian