On Friday 01 Nov 2013 20:57:54 Ted Smith wrote:
> On Sat, 2013-11-02 at 01:27 +0100, Lunar wrote:
> > Nelson:
> > > Please excuse my ignorance operating Tor relays, but if I run an exit node on Windows 7 and use something like Peerblock and corresponding block lists of P2P sites, wouldn't this be somewhat effective in stopping this sort of undesired traffic on Tor?
> > No. If the relay says it will deliver a connection in its exit policy, it has to carry it. Otherwise, it will give erratic behaviour on the client side and this is bad. The relay should be flagged BadExit by the authority operators.
> Of course, there's nothing stopping you from hooking something like Peerblock up to Tor's control port interface and automatically updating your exit policy to block connections to torrent trackers and peers.
Good idea. :) So let me revise my earlier posts: to reject connections to trackers do something like
ExitPolicy reject *:2710
This will block connections to the Ocelot and XBTT (I think) tracker software on their standard ports. Blocking trackers on port 80 is more difficult, obviously.
To be honest, I wouldn't worry too much about blocking peers; a whitelisted exit policy will take care of that, since torrent peers tend to use fairly high range non-standard ports.
One (perhaps nasty) rare case is someone using OpenVPN over Tor, and then torrenting over the VPN, especially since VPN providers will permit port forwarding at their endpoint.
I can see people wanting to VPN over Tor for increased anonymity (especially if the VPN provider accepts anonymous payment) but how popular is this use case? Does anyone have any hard numbers?
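Added example, not part of the original message: a small first-match evaluator for ExitPolicy lines, showing why a whitelisted policy already rejects high peer ports while a tracker on port 80 still gets through. The two sample policies, the destination address and the port 51413 are constructed for illustration; only IPv4 rules with an explicit port field are handled.

```python
import ipaddress


def parse_rule(line):
    """Parse 'ExitPolicy accept|reject ADDR[/MASK]:PORT' into (allow, net, lo, hi)."""
    fields = line.split()
    if fields[0] == "ExitPolicy":
        fields = fields[1:]
    action, target = fields
    if action not in ("accept", "reject"):
        raise ValueError("unknown action: " + action)
    addr, _, port = target.rpartition(":")
    net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
    if port == "*":
        lo, hi = 1, 65535
    elif "-" in port:
        lo, hi = (int(p) for p in port.split("-"))
    else:
        lo = hi = int(port)
    return action == "accept", net, lo, hi


def exit_allowed(policy, ip, port):
    """Return the verdict of the first rule that matches ip:port."""
    dest = ipaddress.ip_address(ip)
    for line in policy:
        allow, net, lo, hi = parse_rule(line)
        if (net is None or dest in net) and lo <= port <= hi:
            return allow
    # Assumption of this sketch: treat "no rule matched" as reject.
    # Both sample policies below end in a catch-all, so this is never reached.
    return False


# Constructed policies: the reject line from the message in front of an
# accept-everything policy and in front of a short whitelist.
BLACKLIST = ["ExitPolicy reject *:2710", "ExitPolicy accept *:*"]
WHITELIST = ["ExitPolicy reject *:2710", "ExitPolicy accept *:80",
             "ExitPolicy accept *:443", "ExitPolicy reject *:*"]

if __name__ == "__main__":
    dest = "192.0.2.10"  # constructed destination (documentation address range)
    for name, policy in (("blacklist", BLACKLIST), ("whitelist", WHITELIST)):
        for port in (2710, 80, 51413):
            verdict = "accept" if exit_allowed(policy, dest, port) else "reject"
            print(name, port, verdict)
```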