What he said.
No DMCA so far but, one thing I keep getting is complaints about "SQL injection attacks". Apparently snort or other IDS picks this stuff up and emails the abuse box. Some but not all of the complaints are automated.
It would be nice if something could detect these attack signatures on the internet-bound packets from our exit node and drop them. With trends as they are, we'd see zero abuse complaints, if there were a good way to do that.
On Wednesday 30/10/2013 at 6:41 am, Moritz Bartl wrote:
On 25.10.2013 19:13, krishna e bera wrote:
ExitPolicy accept *:1723 # PPTP
How are you getting PPTP to work over Tor? The ISP-supplied modems i've seen won't pass IP protocol 47 (GRE) packets without putting the target machine in a DMZ.
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy contains it.
It's more of a "catch all" exit policy, but gets rid of most DMCA complaints. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi,
Sounds like you risk ending up with a censorship tool controlled by those who control the list of attack signatures.
I'd prefer if we educate service providers about this dangerous place called the internet with the goal of making them turn down the volume on their sirens a notch.
tor@t-3.net wrote Wed, 30 Oct 2013 07:56:28 -0400:
| What he said. | | No DMCA so far but, one thing I keep getting is complaints about "SQL | injection attacks". Apparently snort or other IDS picks this stuff up | and emails the abuse box. Some but not all of the complaints are | automated. | | It would be nice if something could detect these attack signatures on | the internet-bound packets from our exit node and drop them. With | trends as they are, we'd see zero abuse complaints, if there were a | good way to do that. | | | | | On Wednesday 30/10/2013 at 6:41 am, Moritz Bartl wrote: | > On 25.10.2013 19:13, krishna e bera wrote: | >> | >>> | >>> ExitPolicy accept *:1723 # PPTP | >> How are you getting PPTP to work over Tor? The ISP-supplied modems | >> i've | >> seen won't pass IP protocol 47 (GRE) packets without putting the | >> target | >> machine in a DMZ. | > | > https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy%3E contains it. | > | > It's more of a "catch all" exit policy, but gets rid of most DMCA | > complaints. | > _______________________________________________ | > tor-relays mailing list | > tor-relays@lists.torproject.org | > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays | | _______________________________________________ | tor-relays mailing list | tor-relays@lists.torproject.org | https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org