[tor-relays] Amazon abuse report

Paritesh Boyeyoko parity.boy at gmail.com
Sat Nov 2 03:05:59 UTC 2013


On Friday 01 Nov 2013 20:57:54 Ted Smith wrote:
> On Sat, 2013-11-02 at 01:27 +0100, Lunar wrote:
> > Nelson:
> > > Please excuse my ignorance operating Tor relays, but if I run an exit
> > > node on Windows 7 and use something like Peerblock and corresponding
> > > block lists of P2P sites, wouldn't this be somewhat effective in
> > > stopping this sort of undesired traffic on Tor?
> > 
> > No. If the relay says it will deliver a connection in its exit policy,
> > it has to carry it. Otherwise, it will give erratic behaviour on the
> > client side and this is bad. The relay should be flagged BadExit by the
> > authority operators.
> 
> Of course, there's nothing stopping you from hooking something like
> Peerblock up to Tor's control port interface and automatically updating
> your exit policy to block connections to torrent trackers and peers.

Good idea. :)  So let me revise my earlier posts: to reject connections to 
trackers do something like

ExitPolicy reject *:2710

This will block connections to the Ocelot and XBTT (I think) tracker software 
on their standard ports.  Blocking trackers on port 80 is more difficult, 
obviously.

To be honest, I wouldn't worry too much about blocking peers; a whitelisted 
exit policy will take care of that, since torrent peers tend to use fairly high 
range non-standard ports.  

One (perhaps nasty) rare case is someone using OpenVPN over Tor, and then 
torrenting over the VPN, especially since VPN providers will permit port 
forwarding at their endpoint.

I can see people wanting to VPN over Tor for increased anonymity (especially 
if the VPN provider accepts anonymous payment) but how popular is this use 
case?  Does anyone have any hard numbers?

-- 
Parity
parity.boy at gmail.com
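
Added example (not part of the original post or of Tor's code): a small Python sketch of first-match exit policy evaluation, comparing the single reject line above with a whitelisted policy. The two policies, the destination addresses and the function names are constructed for illustration; real Tor appends its default exit policy after your own lines, which this sketch replaces with an explicit final rule.

```python
import ipaddress

def parse_rule(line):
    """Parse 'ExitPolicy accept|reject ADDR[/MASK][:PORT[-PORT]]' (IPv4 only)."""
    _, action, pattern = line.split()
    if ":" in pattern:
        addr, _, port = pattern.rpartition(":")
    else:
        addr, port = pattern, "*"          # no port given means all ports
    net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
    if port == "*":
        lo, hi = 1, 65535
    else:
        lo, _, hi = port.partition("-")
        lo, hi = int(lo), int(hi or lo)    # single port or LOW-HIGH range
    return action, net, lo, hi

def load(lines):
    """Turn a list of torrc-style ExitPolicy lines into parsed rules."""
    return [parse_rule(l) for l in lines]

def exit_allowed(policy, ip, port):
    """Rules are checked in order and the first match decides."""
    dest = ipaddress.ip_address(ip)
    for action, net, lo, hi in policy:
        if (net is None or dest in net) and lo <= port <= hi:
            return action == "accept"
    return False  # assumption of this sketch: nothing matched, so refuse

# Constructed policy 1: the reject line from the post, everything else allowed.
BLACKLIST = ["ExitPolicy reject *:2710", "ExitPolicy accept *:*"]
# Constructed policy 2: a whitelist of web ports only.
WHITELIST = ["ExitPolicy accept *:80", "ExitPolicy accept *:443",
             "ExitPolicy reject *:*"]

if __name__ == "__main__":
    # Constructed destinations (documentation address range).
    cases = [("tracker on 2710", "192.0.2.10", 2710),
             ("peer on high port", "192.0.2.20", 51413),
             ("tracker on port 80", "192.0.2.30", 80)]
    for name, ip, port in cases:
        print(f"{name:20} blacklist={exit_allowed(load(BLACKLIST), ip, port)} "
              f"whitelist={exit_allowed(load(WHITELIST), ip, port)}")
```

The last case shows the limit noted in the post: a tracker on port 80 passes both policies, because port-based rules cannot tell it apart from ordinary web traffic.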