[tor-relays] Intrusion Prevention System Software - Snort or Suricata

[Green Dream]

@Tristan:

> there must be something we can do about this as relay
> operators.


No, we don't need to do anything. Tor has been running under these
principles of uncensored access for a long time. Find an ISP that
understands Tor, appreciates the nature of the service and its value,
and is willing to work with you in a reasonable manner on abuse
complaints. It's that simple.


> If you get caught doing something illegal on your home Internet
> connection, there are warnings, and eventually consequences (like being
> disconnected). Just because you run a Tor relay doesn't mean the rules don't
> apply to you, and if we can't do anything to stop illegal activity,
> eventually relays are going to be disconnected.


Apples and oranges; the logic doesn't work for me. The rules (laws)
*are* different for relay operators. See Roger's earlier comments in
this thread. Relay operators are closer to common carrier / ISP laws,
in that there is some degree of legal immunity if you're just passing
bits. This is why an ISP in the United States isn't liable for illegal
activity from a customer (broadly speaking, IANAL, etc). Yes we need
to be responsive to abuse complaints, but no, we don't have to
implement IPS systems or proactively block traffic just to appease an
ISP who gets stressed out by automated abuse complaints.