On Fri, Aug 21, 2015 at 12:30 AM, Mike Perry mikeperry@torproject.org wrote:
I submitted a proposal to tor-dev describing a simple defense against this default configuration: https://lists.torproject.org/pipermail/tor-dev/2015-August/009326.html
nProbe should be added to the router list, it's a very popular opensource IPFIX / netflow tap. http://www.ntop.org/products/netflow/nprobe/
For those into researching other flow capabilities... There are also some probes in OS kernels and some other opensource taps, they're not as well known or utilized as nProbe. Other large hardware vendors include Brocade, Avaya, Huawei, and Alcatel-Lucent.
Lots of SDN and monitoring projects can plug in with gear like this, because, FTW...
http://telesoft-technologies.com/technologies/mpac-ip-7200-dual-100g-etherne... http://www.hitechglobal.com/IPCores/100GigEthernet-MAC-PCS.htm http://www.napatech.com/sites/default/files/dn-0820_nt100e3-1-ptp_data_sheet... https://www.cesnet.cz/wp-content/uploads/2015/01/hanic-100g.pdf http://www.ndsl.kaist.edu/~kyoungsoo/papers/2010-lanman-100Gbps.pdf http://info.iet.unipi.it/~luigi/netmap/