[tor-relays] Intrusion Prevention System Software - Snort or Suricata

Ralph Seichter tor-relays-ml at horus-it.de
Wed Oct 5 11:01:02 UTC 2016


On 04.10.2016 23:55, oconor at email.cz wrote:

> If I understand that well ... if a Tor operator is aware that his Tor
> node is used for illegal activity (when their ISP told them about that)
> and he's not going to do anything about that, he won't be guilty by
> complicity?

Like I said, I am no lawyer. However, I do know that German national law
protects service providers from being held responsible as long as they
only pass traffic through. There is an ongoing debate if Tor exit admins
are service providers in the same sense as Internet backbone providers.
Nobody in their right mind would dream of holding Internet exchanges
like DE-CIX responsible for letting "bad traffic" (deliberately using
this nebulous term) pass. Why should Tor operators be treated any
differently, only because they operate on a smaller scale? Both pass
traffic from A to B without initiating the transfers, selecting the
destinations, or manipulating the content. Note well that *deliberately*
abusing network infrastructure for unlawful purposes is not protected.

Another important issue: ISPs are not in the position to "tell me about
illegal activity". I work with ISPs in what I believe is generally a
friendly and mutually respectful fashion, and I value the technical
service ISPs provide. However, the question of illegality is determined
by courts alone; no ISP has that right. I had some discussions with one
particular ISP who thought differently, mistakenly thinking that his tech
staff could make the distinction between lawful and illegal. No dice.

As far as abuse complaints go, I encourage ISPs to pass these along to
the Tor operators and not spend any time and resources beyond that. Most
Tor operators are hopefully responsible enough to process complaints in
a reasonable fashion. That, in my opinion, does not mean blocking every
destination IP out of sheer reflex, but rather informing the complaining
party about Tor. The CP is free to block Tor exits, but I believe that
it is their own job, not the job of every Tor operator or ISP. Also, I
don't feel any obligation to spend time making the life of some person
running an outdated, unprotected WordPress installation easier. ;-)

-Ralph

