-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In addition, there's a host of possibilities (both good and bad) by being able to control a Tor relays traffic. I could be wrong, my previous findings may seem to indicate that anyone with the ability to strategically place a good number of middle and exits nodes can shape or at least control some of the Tor traffic. ZW mentioned previously: "Tor is still using IP, so there is no way around the fact that a relay operator can observe the IP addresses of hosts in direct communication with their relay(s).", and this to me presents a problem in maintaining complete anonymity. On 10/28/2013 8:09 AM, Nelson wrote:
Hello!
Konrad, initially and completely unrelated to Tor, I was working on adding some blocklists to my firewall when I came upon and old program, Peerblock. Peerblock from what I remember can log all allowed and blocked traffic, and gives one the ability to use already made blocklists or create new ones. Peerblock has some interesting blocklists and I thought maybe I could use some of those blocklists or some of the listed IP's to filter warez, P2P and other undesirable sites.
Tor (middle) Relays don't have the filtering options like Exit Relays. With Exit Relays one can choose the type of traffic based on personal and legal reasons, then I thought why don't middle relays at least have some mechanism to block undesirable traffic?
So I installed Peerblock on one of my Windows PC's that has a Tor Relay (HelloChilli). Initially Peerblock was set to allow all traffic and to my surprise I could see what seemed to be Tor traffic being logged. Then I activated some blocklists and sure enough I was apparently able to block traffic from undesirable sources. Further, I can right click, copy to clipboard the ip addresses of the blocked ip's, do an NSLOOKUP and generally discern whether the ip address is from a listed Tor relay, a VPN service, from Anti-P2P, Gov or other sources.
My initial curiosity about viewing real-time Tor traffic and the ability to block specific traffic on my middle-node seemed to be achieved.
--Nelson
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSboGMAAoJEFlSVOvcX0rH7WwP/0/2QNeiBVX16fOPsKDKxHxB cNC4GagCdvlnHAHufkZEGYDTFnDmQou8dvc0ldXYNvTlSEqBfSd1zzMQEW24SAWw /Wlp1hH3tYcEe+AiAvx3jIUR+RdQ7Qp3elfKQmyAVcmNomGPDDB90u+p/Kvp5Lhw dnCj1pA/jV9rJsZRk5SPHuwk2hWZIhmWdcuurkrx/UISAU2QMJzjnkjzlgIMq9od 6gz95IQM6r15sF/ezLP+IwQ8Ltb9AmtrZc7u4MIB8i7Ki5tT5u9A2sIy2z7pJLnG z46JP9LOy5WTlAc1nHxxS2BJqFzQ2IjOQ1zYaJOf9tgfeubY9QJyiKSphUXv/UtF Y7JCdhw9JfpE6+2F9a9bVczymVrvLthb2XK82n+S2SSRVLSD81Tg7WVjo6LvyhBn 72G85kbF4srGnmHSIBtZtAOmG+2E9rBzuDPk/ULwILC8kyv8uxc/zT7OsO0jQ4ZF fmXXbn6wLyhf5nxz7a6XFrcWiGLAJzCL+J8l4/B8EOOfLJAmkqDKrVWTywR+STi3 fiZ04oCkuKi+fQ/lZUYwbI7DPQiN+yZOvBzqevqtP+/nBTTe2wQhWcWx4Wu3tZon ElNkJaWDcpPURO3/y3z/kpwWm7fPHq9A5yrYfpA6rYEWBPETgczYyAx2gSx5Uelg A/Qrq2RPXKyUIDeRPnwg =oR1g -----END PGP SIGNATURE-----