[tor-relays] IP addresses as false positives?

eliaz eliaz at riseup.net
Mon Jan 5 15:55:21 UTC 2015

> Some thing to take in to account as well is that some AVs are known
> to flag Tor as a virus, I would say that maybe it's a possibility that
> traffic gets flagged as such too? I've never used an antivirus, let
> alone one that does traffic inspection so obviously this is conjecture
> on my part.

Are you referring to tor client operation as well as bridge operation? I
run my tor client on a box that I use as needed, and the bridge on a
separate 24/7 box.

> As an example, when I helped a friend set-up Tor Browser on his
> Windows machine, AVG reported that tor.exe was a possible virus and
> removed it, this also happened when we tested the Tor Vidalia bundle.
> This was simply a filesystem check though, rather than packet/traffic
> inspection. It was also very recent, within the last week.

Even on the as-needed box I run the client under tor. I've never gotten
these alerts when running the client. - eliaz

More information about the tor-relays mailing list