On Wed, 28 May 2003, ken wrote: > John Kozubik wrote: > > > d) set up an automated script on the server that _constantly_ fetches > > random web pages, thus creating a constant stream of http traffic in and > > out of the server, again diminishing traffic patterns. Log the actual > > proxy requests in some temporary fashion and randomly hit those web sites > > in an automated fashion throughout the day, regardless of whether someone > > is requesting them through the proxy or not...and then, script a constant > > stream of requests to the proxy as well > > Fun & difficult part is setting up fetching of "random" web pages > that looks like real user activity.
Yes, this is a somewhat interesting problem - probably not that difficult considering that the goal here is to create plausible deniability in a setting like a court of law. Generating traffic patterns that convince other crytpographers (or even sysadmins) is much harder than generating traffic patterns that simply create reasonable doubt. > Also, unless you have some very odd friends, user activity will > vary in statistically likely ways over time, so the ideal system > would "randomly" compensate for that. Exactly. The ideal system would monitor in and outbound: - web requests - bytes transferred - bytes per page - pictures per page - binary files transferred - (all of those) / second and generate pseudo-random browsing to smooth these variables over time. Perhaps a script that chose random word pairs from the dictionary, googled them, and browsed the pages that were returned would be a good platform. ----- John Kozubik - [EMAIL PROTECTED] - http://www.kozubik.com