On 04.10.2016 at 18:46, Moritz Bartl wrote:
Still, this will not help in this (and related) cases: I have not yet seen proven cases where the reputation of the netblock was endangered, but if an ISP is afraid of that, there's no good way to cooperate. An IDS is their obvious suggestion, which just shows that they don't understand how Tor works.
That is obviously true and kind of a shame for a huge ISP, but you can't tell them frankly without putting your one-year contract at risk and losing further room for negotiation over a few thousand miles' distance :-(
I argue strongly against deploying such systems on Tor exits. It will mess up more than it does good, and it won't be able to reliably detect *and block* bad behaviour.