[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Blocking Tor - solutions?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Blocking Tor - solutions?
From: Andrew Lewman <andrew@xxxxxxxxxxxxxx>
Date: Wed, 15 Feb 2012 13:36:05 -0500
Authentication-results: lewman.is;
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 15 Feb 2012 13:36:25 -0500
In-reply-to: <4F3BE8AE.4020203@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Organization: The Tor Project, Inc.
References: <4F3BE8AE.4020203@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Wed, 15 Feb 2012 18:17:34 +0100
Matej Kovacic <matej.kovacic@xxxxxxxxx> wrote:
> what are the solutions if someone is downloading list of IP addresses
> of Tor exit points and block access to his website from this IP
> addreses?

There is no easy, nor good solution right now. A solution that exists is
to run an unpublished exit relay. You then change the tor client to
allow .exit notation and use your private exit relay. I have heard of
some orgs that do this and share their exit relay with their
membership.  

They use the normal tor network for everything they can, and then
switch to the private-relay.exit notation when needed. If the exit relay
is discovered (whether through cracking, law enforcement collection,
etc), then it could be much easier to map out who used it. It also may
increase liability because the exit relay operator cannot use the easy
explanation of "it was a public tor exit relay, therefore not my
traffic".

The private exit relay still doesn't know where the client is in the
world, but not what the client is doing if using ssl and the like. The
org would possibly know what set of humans have access to it.

This is in no way condoning this option, but I'm continually surprised
at the creativity involved by others in using tor.

-- 
Andrew
http://tpo.is/contact
pgp 0x74ED336B
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Blocking Tor - solutions?
  - From: Daniel Bryg

References:
- [tor-talk] Blocking Tor - solutions?
  - From: Matej Kovacic

Prev by Author: Re: [tor-talk] Call for volunteers for UCL Usable Security, Privacy, and Tor study
Next by Author: Re: [tor-talk] Blocking Tor - solutions?
Previous by thread: Re: [tor-talk] Blocking Tor - solutions?
Next by thread: Re: [tor-talk] Blocking Tor - solutions?
Index(es):
- Author
- Thread