UDP and data retention
Michael Holstein
michael.holstein at csuohio.edu
Fri Dec 19 18:49:33 UTC 2008
> This is off-topic, but isn't UDP making data retention more difficult
> than TCP/IP.
>
I don't see how ..
"tcpdump -s 1514 -w evidence.pcap ip proto \\udp"
is any harder than ..
"tcpdump -s 1514 -w evidence.pcap ip proto \\tcp"
Now I guess you could rig a communications "network" that dealt entirely
in header-source forged UDP packets, but as best practices dictate (not
the everybody follows them) .. one should filter egress of packets with
a source address not within your netblock.
Cheers,
Michael Holstein
Cleveland State University
More information about the tor-talk
mailing list