[tor-relays] Intrusion Prevention System Software - Snort or Suricata
oconor at email.cz
oconor at email.cz
Wed Oct 5 12:06:06 UTC 2016
Unfortunately for us (as an ISP) it's not just about passing these messages.
If we don't want to be accused from not stopping something illegal we knew
about, we need some feedback - what have been done to prevent this to happen
in the future. If there is no feedback, we usualy disconnect the server from
network.Anyway blocking ips via policy isn't usualy sufficient and the
problem will appear soon again. Then we also randomly monitor the traffic to
se if it is really clean as promissed. It's really time consuming and that's
why I would like to combine tor with some IPS for automation of the "policy
set process".
"On 05.10.16 13:16, Markus Koch wrote:
> reality is many sites will not block Tor traffic but will send
> (automated) abuse mails over and over and over again.
True, sadly. And like you said it is their right not to block Tor based
traffic. But it is your right not to heed their ongoing complaints and
sabre-rattling, like it is your right to voluntarily update your exit
policies. My point is that none of these choices requires your ISP to
spend time, money or even thought on the issue, all that is required is
passing it along to the Tor operators.
-Ralph
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161005/ac53078f/attachment.html>
More information about the tor-relays
mailing list