[tor-relays] Filtering TOR Non-exit Relay - Just Curious

Nelson nelson at net2wireless.net
Mon Oct 28 15:23:56 UTC 2013


In addition, there's a host of possibilities (both good and bad) by
being able to control a Tor relay's traffic. I could be wrong, but my
previous findings may seem to indicate that anyone with the ability to
strategically place a good number of middle and exit nodes can shape
or at least control some of the Tor traffic.

ZW mentioned previously: "Tor is still using IP, so there is no way
around the fact that a relay operator can observe the IP addresses of
hosts in direct communication with their relay(s).", and this to me
presents a problem in maintaining complete anonymity.


On 10/28/2013 8:09 AM, Nelson wrote:
> Hello!
> 
> Konrad, initially and completely unrelated to Tor, I was working on
> adding some blocklists to my firewall when I came upon an old 
> program, Peerblock. Peerblock from what I remember can log all 
> allowed and blocked traffic, and gives one the ability to use 
> already made blocklists or create new ones. Peerblock has some 
> interesting blocklists and I thought maybe I could use some of 
> those blocklists or some of the listed IPs to filter warez, P2P 
> and other undesirable sites.
> 
> Tor (middle) Relays don't have the filtering options like Exit 
> Relays. With Exit Relays one can choose the type of traffic based 
> on personal and legal reasons, then I thought why don't middle 
> relays at least have some mechanism to block undesirable traffic?
> 
> So I installed Peerblock on one of my Windows PCs that has a Tor 
> Relay (HelloChilli). Initially Peerblock was set to allow all 
> traffic and to my surprise I could see what seemed to be Tor 
> traffic being logged. Then I activated some blocklists and sure 
> enough I was apparently able to block traffic from undesirable 
> sources. Further, I can right click, copy to clipboard the IP 
> addresses of the blocked IPs, do an NSLOOKUP and generally 
> discern whether the IP address is from a listed Tor relay, a VPN 
> service, from Anti-P2P, Gov or other sources.
> 
> My initial curiosity about viewing real-time Tor traffic and the 
> ability to block specific traffic on my middle-node seemed to be 
> achieved.
> 
> --Nelson
> 
