%% You should probably cite draft-daveor-cgn-logging-04 instead of this revision. @techreport{daveor-cgn-logging-00, number = {draft-daveor-cgn-logging-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-daveor-cgn-logging/00/}, author = {David O'Reilly}, title = {{Approaches to Address the Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies}}, pagetotal = 15, year = 2017, month = aug, day = 21, abstract = {The use of large-scale IP address sharing technologies (commonly known as "carrier-grade NAT") presents a challenge for law enforcement agencies due to the fact that incoming source port information is not routinely logged by Internet-facing servers. The absence of this information means that it is becoming increasingly difficult for law enforcement agencies to identify suspects in criminal activity online. This document considers the reasons why source port information is not routinely logged by Internet-facing servers and proposes some immediate-term actions that can be taken to help improve the situation. A deployment maturity model has been developed and a study of the support for logging incoming source port information in common server software is also presented.}, }