[tor-relays] Intrusion Prevention System Software - Snort or Suricata

Green Dream greendream848 at gmail.com
Wed Oct 5 18:58:04 UTC 2016


@Mirimir:


>> IPS aren't perfect - they let some unwanted traffic through, and
>> block other traffic that is totally ok.


> That is an issue. But there are many exits, so eventually users should
> find one that works well enough for their purposes.


Re-read what you said and think about this from the user's
perspective. This is a recipe for disaster when it comes to Tor user
experience. Perhaps it seems suitable to you, as a technical person
and a relay operator, but just think about this problem for a barely
technical user, or someone new to Tor. What will actually happen is
people will try Tor, hit a shitty exit with random performance
problems from an IPS, log off and never use Tor again.

Tor needs all the help it can get with regard to usability and
reliability. It's gotten better over the years but I still get
circuits that are borderline unusable. Adding a hodgepodge of blocking
IPS systems into the mix isn't going to help this problem.

No offense to the ISP here (I do think they are within their rights to
take this position), but I think relay/exit operators should find ISPs
that understand Tor and don't demand an IPS.

