Juha Saarinen wrote:
Mark Foster said:
The other negative of Non-Transparent-Proxying that this brings to mind is the relative difficulty that ISPs have identifying persons who abuse web based services (websites, forums, et al) - The logs which collect 'cache?.xyz.co.nz' aren't exactly going to give the ISP information used to resolve user accounts and specific individuals.
You mean like in this case?
"Smith also promised TelstraClear would endeavour to discover the identity of the abuser but said it would be difficult thanks to the volume of internet logs generated by customers."
Has he never heard of `grep -r` ? It can't be that hard, I have to find malicious content in logs numerous times and it takes me SFA time. They know it's from a Christmas Island domain, so he will obviously browse the site before he links the images onto the forums and Christmas Island domains aren't the most popular. I don't see the problem here.
Any ISPs who have run semi-transparent caching like to stick up their hands as to the sheer _volume_ of logging data collected relative to their customer base? And indicate exactly how long they archive those logs for, and how accessible they are??? And to use an obvious example, abusive email sent via hotmail.... One case I worked on years ago required me to find an individual line entry corresponding to the act of clicking on 'send' within a hotmail window, where at least a half dozen of our clients were using the same proxy, and talking to hotmail, at the same time.... this is not going to help identify individual abusers! And if you're an ISP in the top few, I imagine you're going to be handling a large number of simultaneous requests. Thats huge amounts of data, and increased ambiguity. More costs. As I said earlier in this thread, it has been demonstrated that Transproxies can cost more than they save... and the TCL Article quoted is a perfect example of just some of the complications. Thank you Juha. :-) [/stir] Mark.