------------ |NANO Agent| ------------ 02/27/2009: Version 1.0 Pre-Alpha Release NANO Agent is part of the Network Neutrality Access Observatory (NANO) project at Georgia Tech. http://www.gtnoise.net/nano NANO ==== The goal of NANO is to perform causal inference on network performance data obtained from various clients to determine if ISPs are discriminating against any particular type of network traffic. The system is composed of two main components: the NANO server and the NANO agents. The NANO agents are responsible for passively collecting network performance data from a wide range of clients distributed around the world and report performance summaries back to the NANO server. The server performs causal inference using statistical methods to infer if the performance differences are caused due to ISP discrimination of traffic. NANO Agent ========== We describe the activities of the NANO agent on your system. Our objective is to collect only performance summaries and not to collect any information the user does not want to report. Also, note that NANO only looks at packet headers and overall statistics like number of bytes, timestamps and does not under any circumstance look at the packet contents. The source code is being distributed under the GNU General Public License version 3 (GPLv3). Also, the agent uses freely available open source libraries and their sources as part of the NANO agent. What do we monitor? ------------------- The NANO Agent will passively monitor *all* network traffic on the user specified network interface. The Agent then reports summaries of the monitored traffic data back to the NANO server. All the communication between the Agent and the NANO server happens on an encrypted channel. The agent uses libpcap to capture packets on the network interface. The agent then periodically reports summaries of the captured network traffic to the NANO server. The NANO agent also looks at information in /proc to associate the captured network traffic with particular application running on the system. It also monitors the CPU usage on the system, which is again periodically reported to the NANO servers. For more details, on how this information is used for our causal inference refer to our paper describing NANO at http://www.gtnoise.net/nano Can I block certain domains to not capture traffic to/from? ----------------------------------------------------------- Yes. The user can also specify specific domains it does not want the agent to monitor traffic to/from in the file blockedlist.txt. The domains can be specified one per line with support for wildcards. NANO also allows users to specify IP addresses and port numbers that NANO must not capture or report. See section "Preventing Capture of Domains and Ports" below for more instructions. We would however encourage users to not block the popular domains as it reduces the data available for performing causal inference at the NANO server. Why does NANO Agent run with root priviledges? ---------------------------------------------- The only reason NANO Agent runs as root as it needs to capture packets directly from the network interface. Where does NANO store its data? Is it secure? --------------------------------------------- NANO agents by default all data to NANO servers (nano.gtnoise.net). These servers are hosted at Georgia Institute of Technology. NANO agent uses Secure Socket Layer (SSL) to connect to NANO servers, and all the data captured is sent over this secure channel. SSL channels are very secure: almost all online shopping websites use SSL or similar (TLS) channels to transfer your private information from your Web Browser to the shopping site. Can I access my data? --------------------- Once NANO servers have collected sufficient data for analysis, NANO development team will contact you on the email address that you provide to the NANO Agent while setup. You will be provided with a login and password using which you can access your data and see the analysis that NANO servers perform on your data. Can I temporarily disable NANO Agent? -------------------------------------- Yes. Use the program called nano-agent-pause like following: ./nano-agent-pause --interval=300 This tells the nano-agent to stop capturing all the packets for performance measurements for next 300 seconds. NANO agent resumes automatically after that. If you wish to extend the pause period, simply re-run nano-agent-pause with the new interval. You can similarly resume NANO agent by specifying 0 as interval. ./nano-agent-pause --interval=0 The pause and interval directives take about one second to take effect. When NANO agent is paused, it may still periodically contact the NANO server to inform it that it has been paused.