<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body style='font-size: 10pt'>
<p>They don't care where you go, all they want to know is which end user had 1.2.3.4 at time.date within last 2 years.</p>
<p>no need to learn netflow or any such crap, your radius logs will do fine.</p>
<p>if you read that differently, then you and I certainly watch two different programs</p>
<p> </p>
<p><a class="twitter-timeline-link" title="http://youtu.be/yiGQkoPADi4" dir="ltr" href="http://t.co/K7A24hU1JQ" rel="nofollow" target="_blank" data-expanded-url="http://youtu.be/yiGQkoPADi4"><span> </span><span class="tco-ellipsis"></span><span class="invisible">http://</span><span class="js-display-url">youtu.be/yiGQkoPADi4</span></a> IIRC its about 3 or so mins in.</p>
<p> </p>
<p>On 08/08/2014 15:10, Paul Wallace wrote:</p>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px"><!-- html ignored --><!-- head ignored --><!-- meta ignored --><!-- meta ignored --><!-- node type 8 --><!-- node type 8 -->
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">Malcolm Turnbull was on the telly this morning stating unequivocally that they do not plan to mandate the collection & retention of "web pages' rather "just the IP address'.<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">I'm struggling to accept this because it would be valueless intel to some degree, in that a single IP often leads you to a web host that's hosting many websites via the same IP<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">If that host was hosting MANY websites it would difficult to figure out precisely which site the person of interest was browsing!<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">Watch for slippage in relation to that particular claim<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">-P<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<div>
<div style="border: none; border-top: solid #B5C4DF 1.0pt; padding: 3.0pt 0cm 0cm 0cm;">
<p class="MsoNormal"><strong><span style="font-size: 10.0pt; font-family: 'Tahoma','sans-serif';">From:</span></strong><span style="font-size: 10.0pt; font-family: 'Tahoma','sans-serif';"> AusNOG [mailto:ausnog-bounces@lists.ausnog.net] <strong>On Behalf Of </strong>Phil Pierotti<br /><strong>Sent:</strong> Friday, 8 August 2014 3:01 PM<br /><strong>To:</strong> ausnog@lists.ausnog.net<br /><strong>Subject:</strong> Re: [AusNOG] metadata conference on SkyNews<!-- o ignored --></span></p>
</div>
</div>
<p class="MsoNormal"><!-- o ignored --> </p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">Clearly if you need source and destination of every packet then sFlow just doesn't cut the mustard.<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">Also as clear (to us, if not them) if you're NOT collecting said 'meta data' on every single packet then why bother capturing any?<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;">Or are you hoping to capture every N-th terrorist plot, kiddie-porn-ographer or other bogey-man of the moment?<!-- o ignored --></span></p>
<p class="MsoNormal"><span style="font-size: 11.0pt; font-family: 'Calibri','sans-serif'; color: #1f497d;"><!-- o ignored --> </span></p>
<div>
<p class="MsoNormal" style="margin-bottom: 12.0pt;"><strong><span style="font-size: 10.0pt; font-family: 'Verdana','sans-serif'; color: #1f497d;">Phil Pierotti</span></strong><span style="font-size: 10.0pt; font-family: 'Verdana','sans-serif'; color: #1f497d;"><br />Senior Network Engineer<br /><strong>day3 Solutions</strong></span><!-- o ignored --></p>
</div>
<p style="text-align: center;" align="center"><span style="font-size: 10.0pt; font-family: 'Tahoma','sans-serif';">DISCLAIMER: <br />This e-mail and any files transmitted with it may be privileged and confidential, and are intended only for the use of the intended recipient. If you are not the intended recipient or responsible for delivering this e-mail to the intended recipient, any use, dissemination, forwarding, printing or copying of this e-mail and any attachments is strictly prohibited. <br />If you have received this e-mail in error, please REPLY TO the SENDER to advise the error AND then DELETE the e-mail from your system.<br />Any views expressed in this e-mail and any files transmitted with it are those of the individual sender, except where the sender specifically states them to be the views of our organisation.<br />Our organisation does not represent or warrant that the attached files are free from computer viruses or other defects. <br />The user assumes all responsibility for any loss or damage resulting directly or indirectly from the use of the attached files. In any event, the liability to our organisation is limited to either the resupply of the attached files or the cost of having the attached files resupplied.</span><!-- o ignored --></p>
</div>
<!-- html ignored --><br />
<pre>_______________________________________________
AusNOG mailing list
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
<p> </p>
</body></html>