[tor-relays] exitnodes blocking services

George george at queair.net
Mon Jan 16 19:04:00 UTC 2017


Olaf Grimm:
> An exit node at home is funny. Last year I've got visitors from law
> enforcement early in the morning. Now I have some new "friends" from the
> police department.
> 
> Be warned! They take a look on bad movies and assume you are the one...
> 
> Now I have my servers outside and at home a middle node only.

:)

Yes... in the 'old days' marketing departments thought that Tor exit IPs
appearing in their webalizer or awstats was just some exotic visitors.

Then more savvy admins at large firms realized they could block Tor exit
IPs... then later all public Tor IPs. The delusion that blocking all Tor
traffic somehow mitigates not patching software or maintaining a sane
secure infrastructure seems to carry a lot of weight.

I'd give a +1 to the standard that you don't run a public Tor IP from a
residence... in one case several years ago, a Tor advocacy-geared
presentation I gave meant that a user or two lost access to their online
banking account. Oh, details, details.

OTOH, running a bridge from home should be a principle if you have the
bandwidth and hardware. To run a bridge from home should be strongly
encouraged for anyone capable of doing so. And it doesn't take a lot of
effort to run a few more bridges with trusted friends and families.

Residential bridges can play a critical role in diversifying the Tor
network, and can mitigate much of the censorship we're seeing today.

g




-- 



5F77 765E 40D6 5340 A0F5 3401 4997 FF11 A86F 44E2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170116/914bcbf3/attachment.sig>


More information about the tor-relays mailing list