[tor-relays] Network Scan through Tor Exit Node (Port 80)

mick mbm at rlogin.net
Thu Mar 3 10:43:11 UTC 2011


On Tue, 01 Mar 2011 13:34:23 -0800
Jacob Appelbaum <jacob at appelbaum.net> allegedly wrote:

<snipped>

> 
> > 
> > I am attracted to cmeclax's idea of some form of torrc config option
> > which could limit the potential for deliberate (or accidental but
> > "reckless") scanning. Is there any mileage in pursuing something
> > like that further? And if not, are there any other (current)
> > recommended configurations which could mitigate possible problems?
> > 
> 
> I don't think such a configuration option makes any sense at all. We
> have many streams on a given circuit for load balancing. A clever
> scanner would simply use one circuit per connect attempt and it would
> generate a lot of load on the network.
> 
> I'd suggest that if you're concerned about someone making connections
> from your computer, it's probably a bad idea to run an Exit node...

OK, so that idea may not be a runner - but surely the whole purpose of
the exit policy system is to allow us to run exit nodes which /do/
limit activity to that which we deem acceptable (or legal). 

Mick 

---------------------------------------------------------------------

The text file for RFC 854 contains exactly 854 lines. 
Do you think there is any cosmic significance in this?

Douglas E Comer - Internetworking with TCP/IP Volume 1

http://www.ietf.org/rfc/rfc854.txt
---------------------------------------------------------------------


