Project Bismark

General Overview

Project Bismark is a collection of network analysis tools, designed for OpenWRT routers, which provide insight into low-level ISP operations.

Implementation overview

Router firmware. There's some C, and some Python, Perl, and Bash scripts.

Version

0.1

Availability

Public, FLOSS

Openness

Open Source or Free Software: yes
Open Data: yes
Open Methodologies: yes

Is the data required for use public?

Yes.

Is the data collected made public under a free license?

Yes.

Is the data format that is used for publication easy to interact with?

Yes.

Platform support

Project Bismark provides tools for deployment on OpenWRT routers to monitor network statistics.

Intended impact

These tools were designed to increase awareness of ISP traffic manipulation, discrimination, and prioritization, and to give end-users tools which empower them to better understand their local networks.

Test methodology

Most of the actual testing code in Project Bismark comes from other related projects, such as D-ITG, netperf, iperf, DiffProbe, and ShaperProbe. Most of these tools use well-established and reviewed methodologies.

Reporting system

Does this tool offer an anonymous communications channel for submission?

The reporting system is non-anonymous. However, the user's privacy is clearly taken into account, and it is made quite clear that Project Bismark has the ability to tunnel into the router to run tests and collect results at any given time. It is also worth noting that user-generated traffic is never collected nor analysed during testing -- all traffic results from either D-ITG (a traffic generation tool) or the tests themselves.

If so, does it offer perspective pivoting?

Not applicable.

If so, does it offer dynamic confirmation of resources?

Not applicable.

What impact or outcome is intended by using the tool or collecting data with this tool?

In addition to users gaining a better understanding of their network, Project Bismark's tools offer packet-level insight into the operations of various ISPs, which can be used to hold them accountable to the public.

Check list

Open Source or Free Software: yes
Open Data: somewhat
Open Methodologies: yes
Used by users: yes
User education: yes
Collects sensitive information: yes/no...depends on your definition of sensitive[1]

[1] Collects a database of APs and connected devices, which could count as sensitive information to some users.

Notes

bismark
  \_ server - management server
  \_ mserver - measurement server
  \_ device - connected devices

server

scripts/

  • bdm: management script for the server, including ssh tunnels and options, managing the device blacklist, opening a console on the server, and executing commands
  • brsh: restricted shell for uploading measurement results from /var/data and adding recovery tunnels through "$ bdm settunnel"
  • clone_prod_db: perl script...sigh. mysqldumps to a /var/tmp file
  • csv_parser_airodump.py: saves seen devices from an airodump .csv and stores them in a mysqldb
  • device_mon: script which sends emails if a device hasn't sent a report recently
  • events_parser.py: parses the mysqldb into a text file to be archived. Events include MEASUREMENTS, TRACEROUTES, TRACEROUTE_HOPS, USERDEVICE, WIFI_SCAN, WIFI_ASSOC, DHCP_LOGS, ARP_LOGS, EVENT_LOGS
  • ...more boring parsing stuff

src/

  • bdmd.c: Bismark Device Manager Daemon. Waits for pings and messages containing information on devices; when received, writes to the db
  • udpproxy.c: zomg it's in Italian... "struttura per memorizzare la risoluzione del nome del server". Well, now I know how to say "struct for pointers to the resolution of the server name" in Italian. That'll come in handy. Multi-threaded multi-client UDP proxy server

mserver

"D-ITG (Distributed Internet Traffic Generator) is a platform capable to produce traffic at packet level accurately replicating appropriate stochastic processes for both IDT (Inter Departure Time) and PS (Packet Size) random variables (exponential, uniform, cauchy, normal, pareto, ...). D-ITG supports both IPv4 and IPv6 traffic generation and it is capable to generate traffic at network, transport, and application layer."

The same university and department released a similar tool, ShaperProbe, to detect traffic shaping. http://www.cc.gatech.edu/~partha/diffprobe/shaperprobe.html

Last modified on Jun 30, 2012, 8:51:58 AM