[tor-talk] Automatic vulnerability scanning of Tor Network?

Steven J. Murdoch tortalk+Steven.Murdoch at cl.cam.ac.uk
Wed Dec 21 12:59:02 UTC 2011

On Tue, Dec 20, 2011 at 07:35:50PM +0100, Fabio Pietrosanti (naif) wrote:
> Please, get an public IP address, don't announce it, don't do anything.
> Now please have a look, without even being a Tor Server, how many mass
> scan your receive.
> So please, don't bother with that justification, a scan like that would
> probably just be one scan of 10000 you receive every week.

The scan which happened yesterday was enough to get the attention of both the
university network security team, and the sys-admins of the department which
hosts my Tor server. The last time this happened was 2009.

It's already difficult enough to host a Tor server, but triggering institutional
IDS is only going to make justifying the benefit of running a node harder.



More information about the tor-talk mailing list