[tor-relays] Intrusion Prevention System Software - Snort or Suricata

Markus Koch niftybunny at googlemail.com
Tue Oct 4 22:04:00 UTC 2016


What should a tor exit op do? Ban the user? exits get the traffic from middle nodes and we cant tell (by design) who anyone is. We can block ips but that is not really helping with bots who tries to find vulnerabilities and scan large blocks.

markus

Sent from my iPad

> On 4 Oct 2016, at 23:55, <oconor at email.cz> <oconor at email.cz> wrote:
> 
> If I understand that well ... if tor operator is avare, that his tor node is used for illegal activity (when their ISP told them about that) and he's not going to do anything abou that, he wont be guity by complicity?
> 
> 
> On 04.10.16 22:37, oconor at email.cz wrote:
> 
> > Tor and IPS has both it's own nature and you shouldn't be punished, if
> > your intension was just to filter the bad traffic.
> 
> And who is to decide what constitutes "bad traffic"? I am not a lawyer,
> but in Germany one of the cornerstones of not being held responsible
> for traffic passing through a Tor node is ยง 8 of the Telemediengesetz:
> http://www.gesetze-im-internet.de/tmg/__8.html -- sometimes referred to
> colloquially as the "provider privilege".
> 
> One only is free of responsibility if one neither initiates a transfer,
> nor selects the transfer's destination, nor selects or modifies the
> transmitted data. That's what "passing through" means.
> 
> According to two lawyers I spoke to, exit policies might already be
> borderline breaking these rules for exit nodes, but the technical basis
> at least guarantees that traffic will never reach an exit node that does
> not let it pass. Now think of a firewall that interferes with transfers
> once the data has already reached the exit node. Wouldn't you agree that
> this means selecting/modifiying the transmitted data?
> 
> That's just one national law that I am aware of, I imagine other
> countries have similar regulations in place. Any internet service
> provider interfering with net neutrality risks lawsuits, because it is
> not an ISP's prerogative to decide what traffic is "good" or "bad".
> 
> -Ralph
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> =
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161005/83f2d889/attachment.html>


More information about the tor-relays mailing list