[tor-relays] Malicious Tor relays - post-analysis after two months

William Kane ttallink at googlemail.com
Tue Sep 29 09:01:59 UTC 2020


Vigilance is always needed and appreciated, both manual and automated.

Stripping encryption only works when there's a non-encrypted port
available; in the case of SMTPS / IMAPS / SSH it's not possible.

As for the other questions, I can't really answer them.

2020-09-28 21:00 GMT, Corl3ss <corl3ss at corl3ss.com>:
> Hello,
>
>
>
> This summer Nusenu shared his posts about malicious relays [1][2] and they were
> followed by many answers.
>
> A very important one is Roger's [3], explaining that the malicious relays
> have been kicked out of the network and that any new one should be
> reported.
>
>
> I was wondering whether, with some distance from this summer's situation /
> discussion:
> * have new malicious relays been reported in any way?
> * is vigilance / watchfulness still needed? If yes:
> 	* are there specific cases to share (e.g. nodes that block HTTPS on a site
> or redirect to HTTP)?
> 	* is there any concern to have about other protocols that use SSL (imaps, smtps, ssh)?
> * is there / will there be anything implemented as a conclusion of the "call
> for support for proposal to limit large scale attacks"?
> * has it been possible to prepare / set up precautions to avoid this kind of
> situation, or is it too long a shot for such a problem?
>
> These questions come with a lot of respect for the project, its teams and
> the work done. No criticism; it is just meant to update the knowledge on the
> subject, as these questions came back with other friends and relay
> operators.
>
> And perhaps a last one, perhaps specific to Nusenu: how do you define a
> malicious relay? Sorry, but I did not get that precisely, moreover in big
> group analysis.
>
>
> All answers will be read with care and gratitude!
>
>
> ---
> Corl3ss
> 2042 5D39 E7C1 E657 025E A28F 937D 8A90 FCB0 E24A
>
>
> [1] https://lists.torproject.org/pipermail/tor-relays/2020-July/018643.html
> [2] https://lists.torproject.org/pipermail/tor-relays/2020-August/018817.html
> [3] https://lists.torproject.org/pipermail/tor-relays/2020-August/018845.html
>
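
Added example, not part of either message above: a small defender-side check for the behaviour the thread asks about (an exit that drops the redirect to HTTPS or rewrites links to HTTP), comparing the plaintext port-80 response seen through an exit with a baseline fetched over a trusted path. The host shop.example, the sample responses and the finding labels are constructed for illustration.

```python
import re

REDIRECTS = {301, 302, 303, 307, 308}

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def redirects_to_https(status, headers):
    """True when the response sends the client to an https:// URL."""
    return status in REDIRECTS and headers.get("location", "").lower().startswith("https://")

def compare(baseline_raw, via_exit_raw):
    """Return sorted findings where the exit's answer is weaker than the baseline."""
    b_status, b_headers, b_body = parse_response(baseline_raw)
    e_status, e_headers, e_body = parse_response(via_exit_raw)
    findings = []
    # The origin upgrades to HTTPS, but the copy seen through the exit does not.
    if redirects_to_https(b_status, b_headers) and not redirects_to_https(e_status, e_headers):
        findings.append("https-redirect-removed")
    # An https:// link in the baseline body appears only as http:// via the exit.
    for link in set(re.findall(r"https://[^\s\"'<>]+", b_body)):
        downgraded = "http://" + link[len("https://"):]
        if link not in e_body and downgraded in e_body:
            findings.append("link-downgraded:" + link)
    return sorted(findings)

# Constructed sample responses to "GET / HTTP/1.1" on port 80 of shop.example.
BASELINE_REDIRECT = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://shop.example/\r\n\r\n"
EXIT_NO_REDIRECT = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                    '<form action="http://shop.example/login">')
BASELINE_PAGE = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                 '<a href="https://shop.example/login">Log in</a>')
EXIT_PAGE = BASELINE_PAGE.replace("https://", "http://")

if __name__ == "__main__":
    print(compare(BASELINE_REDIRECT, BASELINE_REDIRECT))
    print(compare(BASELINE_REDIRECT, EXIT_NO_REDIRECT))
    print(compare(BASELINE_PAGE, EXIT_PAGE))
```

Sites that serve different content by region or per request will produce differences unrelated to the exit, so a finding is a reason to re-test, not proof on its own.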

