Re: [Openpacket-devel] New Beta Site Live
Brought to you by:
crazy_j,
taosecurity
Menu
▾
▴
Re: [Openpacket-devel] New Beta Site Live
|
From: Richard B. <tao...@gm...> - 2007-10-16 17:30:04
|
On 10/16/07, Aaron Turner <syn...@gm...> wrote: > On Oct 14, 2007 2:14 AM, James Pleger <jp...@gm...> wrote: > > I agree that it is up to the poster to anonymize it, but it would be > > nice for people who submit large volumes of pcaps to not have to go > > through anonymizing it on their end. When I was uploading a pcap, I > > was thinking wow... it would be really neat if the website was able to > > anonymize it for me :) > > > > Just kind of a feature, but still would be pretty cool.. A lot of > > times stuff isn't sensitive, but might be nice to block out IP's... > > I'd have to agree with this one. Anything the website can do to make > it easier/less effort for people to upload pcaps will only result in > more people contributing rather then leaching. Nobody is going to > upload files for fame or profit, so lacking sufficient incentive means > you need to remove as many roadblocks as possible. > > My .02USD > In theory anonymization sounds good, but what does that mean? Aaron, I know you know this, but anonymization would have to occur at multiple layers... I'm particularly worried about removing sensitive data about layer 4. I'd rather not provide a false sense of anonymization via replacing IPs when other data is left in layers 5, 6, or 7. My standard rule for the OpenPacket.org moderators will be to reject a pcap if they believe it contains anything sensitive. We are not going to jeopardize ourselves by exposing someone's sensitive data through a volunteer-based, free project. Sincerely, Richard |
