-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hey guys,
I've been running some exit nodes for some time now, and they're
doing well. They've burned through many terabytes of bandwidth, and
thanks to Tor's recommended reduced exit policy, complaints have
been minimal. Clearly the vast majority of the Tor traffic is not
malicious, but I have received some reports from other companies and
from my ISP of hacking attempts: SQL Injection, XSS, botnet C&C,
basic things like that. My ISP now tells me that they could reduce
the reports even further by routing the exits through a
"next-generation firewall" which apparently can detect an obvious
clearnet attack and drop that connection a few milliseconds after
the attack occurs. I don't know how the firewall works in detail,
perhaps it has the ability to drop a specific connection rather than
drop all access to the destination IP for a while, nor do I know how
it would interact with Tor's traffic patterns out of an exit. I'm
posting here for opinions.
My question is, is this a good idea, and if so, any advice? Does
anyone have any experience with such a setup?
- --
Jesse V.
/PGP 0xC20BEC80/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQF8BAEBCgBmBQJTvyBdXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxMjgyMjhENjEyODQ1OTU1NzBCMjgwRkFB
RDk3MzY0RkMyMEJFQzgwAAoJEK2XNk/CC+yAbrcH/2IG+Z6jVNhj9j5EpvHkzl0V
XXn1Fbkw7EV8P+cRfQwgmouGQZ4IhuD9QP21ql7wvAIHIkIeaKNtXDb1jELL6F3z
b1r8IRm2ePOJNl3X3m/5NIbqbz2utdaRqLglo9vhmr26zx+VMJBfzE5AvVLUhq9B
CzBYjJujJcASH9KWN08hhjxu81mS0xUmUnFJIfoV7sJto2y3EmJuCQXauMBsxDsf
1rNQFcoxfKS1YI1v1MdBA/xHNO+UaLUShFQR1mw7RIW8jaPNLTGE157nPXMq9xiX
nTzOjkgZ3RI+qrmhcjwJEcV9BAAO86C6HXJvflbhkVPZkCBB43LFCeUKf+SGRR4=
=98Se
-----END PGP SIGNATURE-----