[tor-relays] Deploy relays using hidden exit IP's?

Julian Yon julian at yon.org.uk
Tue Nov 27 00:06:38 UTC 2012


On Sat, 24 Nov 2012 07:44:48 -0800
Aaron <aagbsn at extc.org> wrote:

> On Sat, Nov 24, 2012 at 4:24 AM, Moritz Bartl <moritz at torservers.net>
> wrote:
> > I don't think it's a good idea. People are always thankful when I
> > can point them to the bulk exit list and torDNSel. I point out that
> > Tor has a lot of users and not all of them are bad, and urge for a
> > temporary block. Most admins seem to follow that advice.
> 
> But in the light of "an IP address is not identity" -- is it
> reasonable to block every user of an IP because one person (or bot) is
> up to no good? Why do people insist on "stopping" problem behavior at
> the network layer?

What else do you propose? You have a service which is costing money to
run, some idiot is abusing it to the detriment of your genuine users,
and the only correlation you can see between connections is that they
originate from Tor exit nodes (remember, the point of Tor is that you
*can't* establish identity). Sure, you may be able to develop an
application level defence against the attack, but that takes time and
resources which may not be immediately available. Meanwhile, of course
you block the originating network! It's just the same as if you're
being flooded by abusive requests all from the same /24: you might not
want to permanently block the whole subnet, but you certainly want to
mitigate the immediate threat. Sysadmin 101: If you don't do something
*now*, you'll regret it tomorrow.


Julian

-- 
3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012 at jry.me>