http://www.engadget.com/2009/02/20/proposed-bill-would-force-isp-wifi-logs-for-security-criminal/

This proposed bill has been floating around the ether for a long time -- and it's just made a big time comeback. Essentially, the Republican-backed bill would be a "sweeping" federal measure which would require all ISPs and many WiFi access point providers to keep records of their users for two years, in order to aid police investigations. There are two separate bills -- one in the Senate and one in the House -- both named the "Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act," or Internet Safety Act. Catchy, right? The bill would cover, as already stated, not just the major ISPs, but WiFi providers, including both public and password protected access points. The bill is undoubtedly going to be quite controversial, but is also expected to appeal to legislators across both parties. We'll see what, if anything, becomes of it, but in the meantime, what are your thoughts on this one?

Already exists...

Carnivore, Altivore, Echelon
http://compnetworking.about.com/od/internetaccessbestuses/l/aa120400a.htm

How Carnivore Worked


You may have heard about Carnivore, a controversial program developed by the U.S. Federal Bureau of Investigation (FBI) to give the agency access to the online/e-mail activities of suspected criminals. For many, it is eerily reminiscent of George Orwell's book "1984." Although Carnivore was abandoned by the FBI in favor of commercially available eavesdropping software by January 2005, the program that once promised to renew the FBI's specific influence in the world of computer-communications monitoring is nonetheless intriguing in its structure and application.

What exactly was Carnivore? Where did it come from? How did it work? What was its purpose? In this article, you will learn the answers to these questions and more!

Carnivorous Evolution

Carnivore was the third generation of online-detection software used by the FBI. While information about the first version has never been disclosed, many believe that it was actually a readily available commercial program called Etherpeek.

In 1997, the FBI deployed the second generation program, Omnivore. According to information released by the FBI, Omnivore was designed to look through e-mail traffic travelling over a specific Internet service provider (ISP) and capture the e-mail from a targeted source, saving it to a tape-backup drive or printing it in real-time. Omnivore was retired in late 1999 in favor of a more comprehensive system, the DragonWare Suite, which allowed the FBI to reconstruct e-mail messages, downloaded files or even Web pages.

DragonWare contained three parts:

* Carnivore - A Windows NT/2000-based system that captures the information
* Packeteer - No official information released, but presumably an application for reassembling packets into cohesive messages or Web pages
* Coolminer - No official information released, but presumably an application for extrapolating and analyzing data found in the messages

­ As you can see, officials never released much information about the DragonWare Suite, nothing about Packeteer and Coolminer and very little detailed information about Carnivore. But we do know that Carnivore was basically a packet sniffer, a technology that is quite common and has been around for a while.

Packet Sniffing

Computer network administrators have used packet sniffers for years to monitor their networks and perform diagnostic tests or troubleshoot problems. Essentially, a packet sniffer is a program that can see all of the information passing over the network it is connected to. As data streams back and forth on the network, the program looks at, or "sniffs," each packet.

Normally, a computer only looks at packets addressed to it and ignores the rest of the traffic on the network. When a packet sniffer is set up on a computer, the sniffer's network interface is set to promiscuous mode. This means that it is looking at everything that comes through. The amount of traffic largely depends on the location of the computer in the network. A client system out on an isolated branch of the network sees only a small segment of the network traffic, while the main domain server sees almost all of it.

A packet sniffer can usually be set up in one of two ways:

* Unfiltered - Captures all of the packets
* Filtered - Captures only those packets containing specific data elements

­ Packets that contain targeted data are copied as they pass through. The program stores the copies in memory or on a hard drive, depending on the program's configuration. These copies can then be analyzed carefully for specific information or patterns.

When you connect to the Internet, you are joining a network maintained by your ISP. The ISP's network communicates with other networks maintained by other ISPs to form the foundation of the Internet. A packet sniffer located at one of the servers of your ISP would potentially be able to monitor all of your online activities, such as:

* Which Web sites you visit
* What you look at on the site
* Whom you send e-mail to
* What's in the e-mail you send
* What you download from a site
* What streaming events you use, such as audio, video and Internet telephony
* Who visits your site (if you have a Web site)

In fact, many ISPs use packet sniffers as diagnostic tools. Also, a lot of ISPs maintain copies of data, such as e-mail, as part of their back-up systems. Carnivore and its sister programs were a controversial step forward for the FBI, but they were not new technology.
http://computer.howstuffworks.com/carnivore.htm