[tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")

Sharif Olorin sio at tesser.org
Fri Aug 14 01:42:18 UTC 2015


Additionally, I should clarify that bro and netflow have some
fundamental differences and are usually used for different things (but
both are common in large networks). Bro's very stateful and is more
focused on IDS-type applications, whereas netflow is more directed
towards traffic accounting, which is why bro has all the stateful
stuff about TCP connections. bro would be more commonly found at
a university, but netflow's probably more relevant if you're looking
at what the typical ISP will retain for a long time.

OpenPGP: 6FB7 ED25 BFCF 3E22 72AE 6E8C 47D4 CE7F 6B9F DF57
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150814/5c3023d6/attachment.sig>

More information about the tor-relays mailing list