How to capture privacy sensitive data

By default, ithitools avoids capturing privacy sensitive data. However, we have found the need to sometimes analyze the list of IP addresses of the resolvers that contact a server, or the list of erroneous domain names submitted by resolvers. This can be done by using two command line options during capture processing:

  -A                 List all IP addresses and their usage in the report.
  -E                 List all erroneous DNS names and their usage in the report.

Aside from the privacy issues, these options will slow down processing and considerably increase the size of the capture reports.

Because we take privacy seriously, the privacy sensitive options are not available in the default build of ithitools or of the plugin libithicap.so. A command like ithitools -h will not list them. Not having the tools available by default prevents inadvertent activation in a capture setup and transmission to our capture server.

To enable these options, you will need to compile the code with a special option. This can be done as follow, from the source directory:

cmake -DCMAKE_CXX_FLAGS=-DPRIVACY_CONSCIOUS
make clean
make

Availability of the options can be verified with the command ithitools -h. If the options are available, the usage message will include text describing the options:

...
  -N number          Number of packets to read from this capture.
  -X                 Include TCP records in CBOR files.
  -A                 List all IP addresses and their usage in the report.
  -E                 List all erroneous DNS names and their usage in the report.
                     Options A and E are rather slow, and have privacy issues.
                     No such traces enabled by default.

Options used in summary mode:
  -o file.csv        output file containing the computed summary.
...