Why TOR Operators SHOULD always sniff their exit traffic...
tor
tor at algae-world.com
Wed Jun 8 19:51:04 UTC 2005
gee this just hit slashdot a while ago...
yet another reason sniffing is a GOOD thing for tor operators...
*Schneier on Attack Trends: More Complex Worms*
Worms <http://slashdot.org/search.pl?topic=220>
*Posted by timothy <http://www.monkey.org/%7Etimothy/> on Wednesday June
08, @12:39AM*
*from the malice-on-the-loose dept.*
Gary W. Longsine <http://intrinsicsecurity.com/> writes /"Bruce Schneier
has posted an interesting entry on expected attack trends
<http://www.schneier.com/blog/archives/2005/06/attack_trends_2.html> to
his blog. Of particular interest is the increasing sophistication of
automated worm-based attacks. He cites the developing W32.spybot.KEG
<http://www.symantec.com/avcenter/venc/data/w32.spybot.keg.html> worm --
once inside a network it scans for several vulnerabilities and reports
its findings via IRC. Trend Micro also has information on a
scanning-capable version of this worm, which they call: WORM_SPYBOT.ID
<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SPYBOT.ID>"/
tor wrote:
> Gee... if it can be exposed by sniffing then it isnt much of a privacy
> network. Tor operators/developers should Always sniff their servers
> traffic at least occasionally to see if holes or information is being
> exposed.
>
>
> A tor/patcher who always sniffs his server traffic
>
>
> a tor user
> ps not only is it NOT rude it is completely legal in the US at least
> to monitor the traffic to/from a given server if you own that server,
> this is completely a legal action under ECPA.
>
> Robert Mischke wrote:
>
>> --- "Jonathan D. Proulx" <jon at csail.mit.edu> schrieb:
>>
>>
>>
>>> On Wed, Jun 08, 2005 at 06:48:24PM +0100, Adam
>>> Langley wrote:
>>>
>>> :You could port sniff outbound 6667 ports with
>>> tcpdump or ethereal.
>>>
>>> that's a bit rude,
>>
>>
>> Not only rude, but illegal in several countries. Of
>> course, this can be done in secrecy, but I think
>> advocating sniffing in the context of a privacy
>> network is Not A Good Idea (tm).
>>
>> Regards,
>> Robert
>>
>>
>>
>>
>>
>> ___________________________________________________________ Gesendet
>> von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden:
>> http://mail.yahoo.de
>>
>>
More information about the tor-talk
mailing list