[tor-talk] Mailing List: OrNetRadar
nusenu
nusenu at openmailbox.org
Tue Mar 8 20:19:53 UTC 2016
Hi,
since I got a question about who is running OrNetRadar I figured I'd
answer this on list.
OrNetRadar [1] is a mailing list to publish and learn about
(automatically) detected events on the tor network (potential Sybil
attacks, undeclared families, anomalies, ...).
(There was no ML on lists.torproject.org with that topic.)
[1] https://lists.riseup.net/www/info/ornetradar
Archive of previous emails (list started in Aug 2015):
http://news.gmane.org/gmane.network.onion-routing.ornetradar
> Do you know anything about this list, like who runs it,
> how it gets its data, etc.?
It uses Karsten's great onionoo data from
https://onionoo.torproject.org/
> I do some malicious tor detection with hidden services, exit node
> manipulation and run one of the 9 directory authorities, and I just
> learned about this list recently, and so far nobody has been able to
> tell me anything about it. I'd like to determine if it is something I
> should pay more attention to.
Directory authority operators are probably the perfect audience for such
a list since they are the only one with the power to react to events
(i.e. Sybil attacks), great to see some interest.
The list is meant to be filtered/sorted client side. I.e. if you do not
care about small relay groups or the daily bunch of Windows "default"
bots joining the network you can remove such incoming emails by creating
custom filters based on the subject (the groupsize is the last part of
the subject).
As time allows it I'd like to add more alert/detection types in future.
regards,
nusenu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20160308/8bd551de/attachment.sig>
More information about the tor-talk
mailing list