BBC News - 'Fresh proposals' planned over cyber-monitoring
Florian Weimer
fw at deneb.enyo.de
Sun May 12 10:12:21 BST 2013
* Ian Batten:
> But surely the problem would be that the actual services don't log
> source port numbers, and therefore even if you have the NAT
> mappings, you don't know which of the users who happened to be on a
> particular IP number was the user in question without the source
> port?
Most folks who actually need to track requests back to originating
devices started logging source port numbers in, uhm, 2000 or so.
Actually, if you don't log source IP addresses but not source ports,
it's a strong indicator that you have no business justification for
logging the source IP addresses, which makes the whole exercise
questionable from a data protection POV.
More information about the ukcrypto
mailing list