Carrier-Grade NAT

Be the first to comment!

The use of large-scale IP address sharing technologies (such as "Carrier-Grade NAT" and "A+P") present a challenge for law enforcement agencies due to the fact that the information required to attribute criminal activity based on IP address is not commonly recorded. Specifically, incoming source port information is not routinely logged by Internet-facing servers. The absence of this information means that it is becoming increasingly difficult for law enforcement agencies to identify suspects in criminal activity online. FTR Solutions has been working for some time to address this challenge.

This page provides references to the various publications and other resources that have been produced as part of that initiative.

Articles

The Carrier-Grade NAT Information Gap
- A brief introduction to the crime attribution challenge that is introduced by Carrier-Grade NAT.
Carrier-Grade NAT Source Port Re-Identification - Part 1
Carrier-Grade NAT Source Port Re-Identification - Part 2
- Analysis of the re-identitification risk of logging source port at Internet-facing servers.

Publications

Approaches to Address the Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
- This document considers the reasons why source port information is not routinely logged by Internet-facing servers and proposes some immediate-term actions that could be taken to help improve the situation. The document also contains a maturity model that has been developed to study the support for logging incoming soruce port information in common server software.
- Published in the independent submission stream in August 2017.
- Moved to the IETF stream in April 2018.
Availibility of Required Data to Support Criminal Investigations Involving Large-Scale IP Address-Sharing Technologies
- Published in IEEE Security and Privacy (Volume 15, Issue: 5, 2017, Pages 90-93) in October 2017

Presentations

Carrier-Grade NAT and Source Port Logging
- Presentation to Europol workshop on Carrier-Grade NAT (CGN) and Identification of Cyber-Attackers, 13th October 2017
Best Practice for Logging at Internet-facing Servers
- Presentation to Internet Area Working Group at IETF-101, 19th March 2018
The Carrier-Grade NAT Information Gap and Source Port Logging
- Presentation to OPSEC Working Group at IETF-102, 20th July 2018

Published in Dave O'Reilly's FTR Solutions Blog

More in this category: « ATM Fraud Prevention Framework IPv6 Crime Attribution »

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

About

The mission of FTR Solutions is to increase the security of financial services. We achieve this by offering a suite of services that enable financial institutions to securely leverage technology to enhance the security of their products and their corporate infrastructure.

More Information

Contact Us

To find out more about our services or to discuss an engagement, please This email address is being protected from spambots. You need JavaScript enabled to view it..

Blog Feed

feed-image RSS