[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Why TOR Operators SHOULD always sniff their exit traffic...
gee this just hit slashdot a while ago...
yet another reason sniffing is a GOOD thing for tor operators...
*Schneier on Attack Trends: More Complex Worms*
*Posted by timothy <http://www.monkey.org/%7Etimothy/> on Wednesday June
*from the malice-on-the-loose dept.*
Gary W. Longsine <http://intrinsicsecurity.com/> writes /"Bruce Schneier
has posted an interesting entry on expected attack trends
his blog. Of particular interest is the increasing sophistication of
automated worm-based attacks. He cites the developing W32.spybot.KEG
<http://www.symantec.com/avcenter/venc/data/w32.spybot.keg.html> worm --
once inside a network it scans for several vulnerabilities and reports
its findings via IRC. Trend Micro also has information on a
scanning-capable version of this worm, which they call: WORM_SPYBOT.ID
Gee... if it can be exposed by sniffing then it isnt much of a privacy
network. Tor operators/developers should Always sniff their servers
traffic at least occasionally to see if holes or information is being
A tor/patcher who always sniffs his server traffic
a tor user
ps not only is it NOT rude it is completely legal in the US at least
to monitor the traffic to/from a given server if you own that server,
this is completely a legal action under ECPA.
Robert Mischke wrote:
--- "Jonathan D. Proulx" <jon@xxxxxxxxxxxxx> schrieb:
On Wed, Jun 08, 2005 at 06:48:24PM +0100, Adam
:You could port sniff outbound 6667 ports with
tcpdump or ethereal.
that's a bit rude,
Not only rude, but illegal in several countries. Of
course, this can be done in secrecy, but I think
advocating sniffing in the context of a privacy
network is Not A Good Idea (tm).
von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: