[tor-talk] Ntop nDPI 1.8 with enhanced Tor protocol dissector
Fabio Pietrosanti (naif) - lists
lists at infosecurity.ch
Wed Jun 1 06:05:22 UTC 2016
Hello,
the cool ntop project (www.ntop.org) has released it's opensource DPI
(Deep Packet Inspection) engine with enhanced Tor protocol dissector and
support http://www.ntop.org/ndpi/released-ndpi-1-8/ .
They do it by looking at the hostname pattern being used in the TLS
handshake.
Community-wise, which is the best way to deal with opensource code that
facilitate high-performance detection of Tor traffic pattern (likely to
be used by who would like to profile Tor users) ?
a. Kindly ask them to re-consider releasing high-performance tools
available to detect Tor traffic?
b. Engage in a opensource-code arm-race for detection and anti-detection?
c. Does nothing?
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
More information about the tor-talk
mailing list