Tor server "nami" taken by the German Police
John Case
case at sdf.lonestar.org
Wed Sep 30 04:34:21 UTC 2009
On Tue, 29 Sep 2009, grarpamp wrote:
>> Finally, what generalizations can be made about the behaviors that
>> eventually lead to a police interaction ?
>
> Carding, cracking, death threats, piracy, all the usual things and more.
> Seems pretty obvious. Tor just makes it interesting because it's
> simply a newfangled carrier that can be used for good or bad. No different
> than if you were to set up asterisk with a [t/e]-1 and call yourself a
> phone company. That's where the raid/arrest risk lies... not enough
No, no - I understand what the behavior in meatspace is like - I wonder
what the behavior looks like on the network.
Take carding ... presumably that all takes place on 443, as carders use
online merchants to either test or use the cards. I'm guessing
meta-carding (forums for trading, etc.) also take place on 443.
Spam is on 25. System intrusion could be anywhere, I guess.
I assume that the child pornography is either in the same places as the
piracy (bittorrent on well known ports and usenet ?) or also on 443 ...
And round it out with DoS and other foolishness on 6666/6667 (irc).
Are these fair generalizations, and thus I could start to guess about a
"safer" exit node configuration ... perhaps 22 and 80 ? I would think an
SSH based BBS for trading pirated/illegal content must be very rare, if
not non-existent, and nobody would be doing serious lawbreaking on plain
old port 80 ?
In reality, I run more open than just 22 and 80, but I'd like to know if
this line of thought is going in the right direction at all ... can we
even make generalizations about TCP traffic policy decisions that will
minimize police contact ?
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list