[tor-relays] Intrusion Prevention System Software - Snort or Suricata

krishna e bera keb at cyblings.on.ca
Thu Oct 6 02:17:17 UTC 2016


On 05/10/16 06:20 PM, Green Dream wrote:
> Criminals using Tor is not a new problem. It's addressed as the first
> question in the Abuse FAQ, here:
> https://www.torproject.org/docs/faq-abuse.html.en#WhatAboutCriminals
>
> and it's discussed by the EFF here:
> https://www.eff.org/deeplinks/2014/07/7-things-you-should-know-about-tor


Exactly, but criminals/dissidents/spies/researchers a.k.a. arguably 
legal content, is only half the issue.

The other half is something that maybe Tor people can and should do 
something about (carefully of course) when we can detect it, namely 
disruption of the network. This means things like
- floods
- DDoS
- active timing attacks
- messing with DNS
- re-routing
Since these are mostly also problems for ISPs, there may be room for 
cooperation.  One sample question is, if we didnt have to rely only on 
the information from Tor nodes, could we do better at automatically 
dealing with certain problems?



More information about the tor-relays mailing list