Re: ISP "Data Retention" - what exactly are they retaining?
quote: Of course the ISP knows source/destination IP addresses, otherwise it would not be able to route packets. You are correct that typically ISPs do not log and maintain this information. The requirement to do so is rather onerous because of the huge volume.
Exactly...for those that want to understand this better, Google 'Cisco Netflow'...it essentially enables a provider to audit and log ALL user traffic *at an IP and TCP ***HEADER**** level* (e.g. srcIP, srcPort, dstIP, dstPort, IP protocol, tcp flags, bytescount, packetcount..and a few more tidbits).
In uncompressed form the above information consists of 47 bytes per "flow". Note: a single flow event record can actually be used to summarize thousands of packets related to a single connection over many minutes...thus there is a fair amount of aggregation going on.
Nevertheless, netflow results in MASSIVE amounts of data...for example a single GigaBit Ethernet connection (which is barely utilized) is currently generating 5-10GB of flow data per DAY. For a provider like Comcast to store just one day of flow data from their entire network would probably take terabytes....which is why it's not generally done.
Trying to archive full payload (which I believe would be considered an illegal wiretap anyway) would probably require 1000 to 10000 times the amount of disk space as just doing Netflow...plus you'd need double the network capacity, as you'd have to use half of it for logging purposes.
-- Lawrence Baldwin
myNetWatchman
The Internet Neighborhood Watch
Authority, join:2000-03-29, Woodland Hills, CA
said by NetWatchMan: Nevertheless, netflow results in MASSIVE amounts of data...for example a single GigaBit Ethernet connection (which is barely utilized) is currently generating 5-10GB of flow data per DAY. For a provider like Comcast to store just one day of flow data from their entire network would probably take terabytes....which is why it's not generally done.
Thanks for jumping in LB. My question is what exactly do the proposed laws require providers to retain, and what would that tell them? I don't believe they're asking for as much as in your example... I think it's just email and maybe DNS requests, in which case they get nothing off anyone using a different mail and DNS provider. Am I wrong?