[tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")

Green Dream greendream848 at gmail.com
Sun Aug 9 04:32:00 UTC 2015


>> If you can confirm that the comment is authentic I'd be interested
>> what kind of tor related data you are logging at your exit relays and
why.

> It's most likely netflow logs. Quite popular in Uni / regional ISP
> environments. People collect them for network stats, and to track
> down "security incidents".

Yep. I worked as a network engineer for a large public university in the
US. They logged everything they could. There was at least 30 days of
netflow, plus packet inspection of certain flows.

There was little to no policy regarding access to the logs by staff. Law
enforcement requests went through the university's legal counsel.

I would expect most US universities to be logging netflow in the very
least. Even if the Tor operator isn't keeping logs, it seems safe to assume
the network operator is.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150808/04a9dd22/attachment.html>


More information about the tor-relays mailing list