On Sunday 27 February 2011 11:59:47 mick wrote:
> Hmmm. Maybe I should have said "should" rather than "would". And you seem to have missed the point about network scanning being illegal in some jurisdictions. Section 3 of the UK Computer Misuse Act of 1990, as amended by the Police and Justice Act of 2006, makes such "reckless" activity an offence.
> <snip>
> And regardless of the legality of the action, the AUPs of the service providers that most of us use for our tor nodes will specifically preclude network scanning (along with mail spamming etc). This means that providers could (as has been the case for Bianco Veigel) get irritated enough to shut down the service.
> <snip>
> If my exit node was cited as the source of potentially hostile network scanning and my MSP /did/ pull the plug, I'd be disappointed, and tor would be shy of at least one exit node. But if I believed that the activity was the result of some "reputable" researcher simply using tor for his or her own ends /without/ warning tor relay owners, I'd be pretty pissed off.
> I'd welcome the views of other node providers here.
Here's my proposal: Add a parameter PortScanLimit to the relays section of torrc. It can be set to any nonnegative integer. If PortScanLimit is n>0, then as soon as a circuit has made n failed attempts to connect, the relay shuts down the circuit. If PortScanLimit is 0, there is no limit on failed attempts to connect. Relay operators in jurisdictions or ISPs that prohibit port scanning can set this to, say, 10, and relay operators not in such jurisdictions who have no qualms about their exit node being used for scanning can set it to 0. This parameter should not be listed in the directory; any client running a port scan will eventually find an exit that allows scanning, if there are any.
cmeclax
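The proposal above describes a small piece of relay-side state: a per-circuit count of failed exit connections, with the circuit torn down once the count reaches PortScanLimit, and 0 meaning no limit. The following is an added model of that logic written for this thread; it is not Tor's code and the class, function and event names (PortScanLimiter, replay, SAMPLE_EVENTS) are assumptions. The events are constructed to look like what an exit relay would observe: one circuit whose connections keep failing next to one circuit doing ordinary browsing.

```python
"""Model of the proposed PortScanLimit torrc setting (added example, not Tor code)."""
from collections import defaultdict


class PortScanLimiter:
    """Per-circuit counter of failed exit connections.

    As in the proposal, failures are counted per circuit and never reset on a
    later success; once the count reaches the limit the circuit is closed and
    every further stream request on it is rejected.  A limit of 0 disables
    the check entirely.
    """

    def __init__(self, port_scan_limit: int):
        if port_scan_limit < 0:
            raise ValueError("PortScanLimit must be a nonnegative integer")
        self.limit = port_scan_limit
        self.failures = defaultdict(int)  # circuit id -> failed connect count
        self.closed = set()               # circuits already torn down

    def observe(self, circuit_id: str, connect_succeeded: bool) -> str:
        """Record one exit connection attempt and return the relay's decision.

        Returns one of:
          "rejected"  the circuit was closed earlier, stream not attempted
          "ok"        the connection succeeded, circuit stays up
          "failed"    the connection failed but the limit is not yet reached
          "teardown"  this failure reached the limit; the circuit is closed
        """
        if circuit_id in self.closed:
            return "rejected"
        if connect_succeeded:
            return "ok"
        self.failures[circuit_id] += 1
        if self.limit > 0 and self.failures[circuit_id] >= self.limit:
            self.closed.add(circuit_id)
            del self.failures[circuit_id]  # no need to keep state for a dead circuit
            return "teardown"
        return "failed"


# Constructed sample of (circuit id, destination, port, connect succeeded).
# Addresses are from the 192.0.2.0/24 documentation range.
SAMPLE_EVENTS = [
    ("circ-A", "192.0.2.10", 22, False),
    ("circ-B", "192.0.2.80", 443, True),
    ("circ-A", "192.0.2.10", 23, False),
    ("circ-A", "192.0.2.10", 25, False),
    ("circ-A", "192.0.2.10", 80, True),
    ("circ-B", "192.0.2.80", 80, True),
    ("circ-A", "192.0.2.10", 8080, False),
]


def replay(events, port_scan_limit: int):
    """Run the limiter over a list of events; return (decisions, closed circuits)."""
    limiter = PortScanLimiter(port_scan_limit)
    decisions = [limiter.observe(circ, ok) for circ, _host, _port, ok in events]
    return decisions, sorted(limiter.closed)


if __name__ == "__main__":
    for limit in (0, 3):
        decisions, closed = replay(SAMPLE_EVENTS, limit)
        print(f"PortScanLimit={limit}: {decisions}; closed={closed}")
```

With PortScanLimit 3, circ-A is torn down on its third failed connect and its later requests, including one that would have succeeded, are rejected, while circ-B is untouched; with PortScanLimit 0 nothing is ever closed. The model also shows the tradeoff an operator faces when choosing the value: connection failures also come from dead hosts and closed ports on perfectly ordinary sites, so a very low limit will cut off legitimate circuits, which is why a figure like the "say, 10" in the proposal, rather than 1 or 2, is the realistic starting point.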