[tor-talk] Exit Node Scanning Status
atagar at torproject.org
Wed Jan 30 16:22:57 UTC 2013
> Can anyone tell me what mechanisms we (or the Tor Project members)
> have in scanning for malicious exit nodes. Such as nodes that are
> manipulating DNS requests, stripping SSL, etc. I know of the SOAT
> project from Mike Perry but the last I heard there was a GSOC dev
> working on the project. Is that still being used?
Hi Roc. In theory there are SoaT scanners running and sending their
... but that hasn't been maintained in quite some time. The last
report to tor-exitscanner@ was on 6/9/12 and as I understand it SoaT
needs a lot of love. In addition to that our process for giving relays
a BadExit flag even after they're reported is really poor, requiring
manual intervention by three extremely busy people.
Like many of our spaces the trouble is that there's no one presently
dedicated to making it better. It looks like a fun area (I've been
tempted to write a SoaT counterpart for years) but lack the bandwidth.
Per chance is this something that you'd be interested in leading?
More information about the tor-talk