Why TOR Operators SHOULD always sniff their exit traffic...

tor tor at algae-world.com
Wed Jun 8 19:51:04 UTC 2005 

gee this just hit slashdot a while ago...

yet another reason sniffing is a GOOD thing for tor operators...

*Schneier on Attack Trends: More Complex Worms*
Worms <http://slashdot.org/search.pl?topic=220>

*Posted by timothy <http://www.monkey.org/%7Etimothy/> on Wednesday June 
08, @12:39AM*
*from the malice-on-the-loose dept.*
Gary W. Longsine <http://intrinsicsecurity.com/> writes /"Bruce Schneier 
has posted an interesting entry on expected attack trends 
<http://www.schneier.com/blog/archives/2005/06/attack_trends_2.html> to 
his blog. Of particular interest is the increasing sophistication of 
automated worm-based attacks. He cites the developing W32.spybot.KEG 
<http://www.symantec.com/avcenter/venc/data/w32.spybot.keg.html> worm -- 
once inside a network it scans for several vulnerabilities and reports 
its findings via IRC. Trend Micro also has information on a 
scanning-capable version of this worm, which they call: WORM_SPYBOT.ID 
<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SPYBOT.ID>"/

tor wrote:

> Gee... if it can be exposed by sniffing then it isnt much of a privacy 
> network. Tor operators/developers should Always sniff their servers 
> traffic at least occasionally to see if holes or information is being 
> exposed.
>
>
>  A tor/patcher who always sniffs his server traffic
>
>
>    a tor user
> ps not only is it NOT rude it is completely legal in the US at least 
> to monitor the traffic to/from a given server if you own that server, 
> this is completely a legal action under ECPA.
>
>  Robert Mischke wrote:
>
>> --- "Jonathan D. Proulx" <jon at csail.mit.edu> schrieb:
>>
>>  
>>
>>> On Wed, Jun 08, 2005 at 06:48:24PM +0100, Adam
>>> Langley wrote:
>>>
>>> :You could port sniff outbound 6667 ports with
>>> tcpdump or ethereal.
>>>
>>> that's a bit rude,   
>>
>>
>> Not only rude, but illegal in several countries. Of
>> course, this can be done in secrecy, but I think
>> advocating sniffing in the context of a privacy
>> network is Not A Good Idea (tm).
>>
>> Regards,
>> Robert
>>
>>
>>
>>     
>>        
>> ___________________________________________________________ Gesendet 
>> von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: 
>> http://mail.yahoo.de
>>  
>>

More information about the tor-talk mailing list