eliminating bogus port 43 exits

Scott Bennett bennett at cs.niu.edu
Sun Jun 14 00:36:48 UTC 2009

     On Sat, 13 Jun 2009 17:37:53 -0500 Tor Fox <torfox.org at gmail.com> wrote:
>Jon wrote:> You want me to provide hard facts?  It does not take a
>whitepaper to inform me that peering at traffic leaving the border is "A
>Good Thing" TM.
>Do you mean, in a perfect world there would be no snooping of exit traffic?
>I might agree with you but in a perfect world we wouldn't need Tor and
>that's getting a little too philosophical for me. The reality of the
>situation is, exit traffic is going to be monitored anyways and it's better
>to just start out assuming that it will be. So, I don't see how looking at
>traffic to improve QoS is going to be "A Bad Thing" TM other than the legal
>issues that were already raised. There's a saying that goes "don't let
>perfect be the enemy of the good".
     [Hmmm...it's getting a bit gassy in here, methinks.]
     It seems to me that Roger dealt with this matter as well as it can
currently be dealt with.  There is a distinction between looking at things
like packet headers and looking at payload data.  The former is acceptable
and necessary at times for proper system and/or network administration,
whereas the latter is probably not acceptable without a court order and may
result in criminal liability in some jurisdictions.  There are obvious
exceptions about payload data, e.g., using tcpdump on your own system to
figure out what is going wrong with the interactions between your client
application(s) and your data base server, but these exceptions just as
obviously are unrelated to what we've been discussing.
     If you use a packet filter on your system, you (in the proxy of your
filtering software) are looking at packet headers.  tor looks at IP addresses
and port numbers in SOCKS connection requests to determine which exit nodes
can serve the requests. If you use QoS software, you are also looking at
packet headers.  If you use NAT/RDR in your configuration to route
packets to/from tor's ORPort and/or DirPort, you (in the proxy of your
filtering software) are looking at packet headers *and you are rewriting them*.
These activities are not at issue and should not be raised as a strawman
argument in favor of snooping on payload data.
     So let's stop arguing over things we shouldn't be arguing about and
return to discussing reduction of abuse of the tor network's resources.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *

More information about the tor-talk mailing list