[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: init.d script for multi instance TOR servers



>  What would be useful is if you could give us a byte breakdown of how
>  much traffic you transfer per day, per tcp port, to the nearest large
>  unit. Or per week, if the numbers for some ports end up being too
>  small to round, and may compromise anonymity.
>
>  I am not sure how to do this, or I would do it myself on my nodes,
>  too. I imagine some iptables marking magic could get us this data.
>
>  Anyone with some iptables or mrtg foo who can help us gather this
>  data?  We do not want to do anything that requires pcap or tcpdump
>  recording.

Or people could just have an epiphany and realize that such line taps
are the perfect way to collect stats. Nothing new here, it's been around
for ages. Collect what you need to do your job or provide interesting
research data and ignore the rest. There is no moral dilemma just
because, oohh Tor, is involved. I often record and report exit data,
both of Tor and ISP's: ip/ptr, dns queries, port, time, packets, bytes,
protocol, and whatever else is of interest while ignoring actual user
content. Check out any of the open source netflow tools for this.