Hacker strikes through student's router

Anthony DiPierro or at inbox.org
Wed Nov 9 13:42:44 UTC 2005


On 11/9/05, Geoffrey Goodell <goodell at eecs.harvard.edu> wrote:
>
> On Tue, Nov 08, 2005 at 10:14:31PM -0500, Anthony DiPierro wrote:
> > How hard would it be to run a Tor exit node which accepts GET requests but
> > not POST requests? Or, possibly, POST requests could simply be passed on to
> > another Tor exit node? Would it be ethical to do this? You'd have to examine
> > the traffic to see if it was a GET or a POST, but you wouldn't have to store
> > anything.
>
> The difference between filtering by transport-layer headers (e.g. port
> number) and filtering by application-layer headers (e.g. HTTP request
> type) is one of degree, not one of kind. Whether it is ethical to do
> this is debatable. However, right now there does not exist a way to
> describe this sort of filtering in the exit policy, and thus may degrade
> client performance. Also, it is not possible (without substantial
> modification to Tor) to simply pass along the request to another Tor
> node, since this would mean somehow extending the circuit and
> reattaching the stream in-flight!
>
> Intuitively, if there were a magical box that could filter out "evil"
> traffic while allowing all "good" traffic to pass, it would be great to
> deploy it at every exit node. However, the nature of communication is
> such that this is either difficult or impossible to quantify.
>
> A more pressing problem that still needs to be addressed is, how do we
> deal with cases in which such filtering is happening already? Not only
> can Tor node operators firewall their exits, but their upstream ISPs can
> null-route traffic to particular destinations...
>
> Geoff

Maybe we should look into implementing RFC 3514 filtering based on the
"evil bit". As an advantage that works at the same layer as Tor. :)

Seriously though, this is kind of the response I expected. I'd be a bit
nervous about putting up a server which allowed unfiltered port 80 traffic,
as far as getting in trouble with my ISP. I'm sure a lot of people feel the
same way, too. Even just allowing GET requests would take load off the other
exit nodes, but apparently this isn't really possible with the
implementation of Tor.

Anyway, I guess filtering by IP address would be the safest way to go
there, and would still potentially draw a bit of traffic if you include some
popular services. Of course the best scenario would be to just get enough
people using Tor that the ISPs can't complain without losing lots of
customers, but that right now is just wishful thinking. :)

Anthony
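
The address-and-port filtering discussed in this thread, as an added example that is not part of the original messages and is not Tor's code: a simplified first-match evaluator for `accept`/`reject` exit-policy lines. The addresses are constructed documentation-range values, and the deny-on-no-match default is an assumption of this model. The decision depends only on destination address and port, so a GET and a POST to the same destination get the same answer.

```python
import ipaddress

# Constructed policy: documentation-range addresses stand in for "popular services".
POLICY = """
accept 192.0.2.10:80
accept 198.51.100.0/24:80
reject *:*
"""

def parse_policy(text):
    """Parse 'accept|reject ADDR[/MASK]:PORT[-PORT]' lines into rule tuples."""
    rules = []
    for line in text.strip().splitlines():
        action, pattern = line.split()
        addr, _, port = pattern.rpartition(":")
        net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
        if port == "*":
            ports = (1, 65535)
        else:
            lo, _, hi = port.partition("-")
            ports = (int(lo), int(hi or lo))
        rules.append((action, net, ports))
    return rules

def exit_allowed(rules, dest_ip, dest_port):
    """First matching rule wins; only address and port are inspected."""
    ip = ipaddress.ip_address(dest_ip)
    for action, net, (lo, hi) in rules:
        if (net is None or ip in net) and lo <= dest_port <= hi:
            return action == "accept"
    return False  # assumption for this model: deny when nothing matches

RULES = parse_policy(POLICY)

# Constructed requests: same destination, different HTTP methods.
REQUESTS = [
    ("192.0.2.10", 80, b"GET / HTTP/1.1\r\n"),
    ("192.0.2.10", 80, b"POST /form HTTP/1.1\r\n"),
]

def decisions():
    """The payload never reaches exit_allowed, so the method cannot change the result."""
    return [(payload.split()[0].decode(), exit_allowed(RULES, ip, port))
            for ip, port, payload in REQUESTS]

if __name__ == "__main__":
    for method, allowed in decisions():
        print(method, "->", "accept" if allowed else "reject")
```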