[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Police was here - whats next?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Police was here - whats next?
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 30 May 2011 23:59:21 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 30 May 2011 23:59:38 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=BF7NuqC1PcV7v5g8ZAJ72VdzhLNT3xVgALf/q0a5TEI=; b=hxlB7FQlFE92WDRz27GIayxPXJH7W0XVMP6t2lGLFuDLjxJHBf6HsqonghG/b0/SS6 N7/u7lKJtb9v/0kmjxLi+rLc0LVjvXjrQGCGMV3aJ/V/v6hg0qE5allQ0xzwFYmK2plI zfIFwxzjIh1Ks+fBmFWhif/51f8bGFtSzf+7w=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=ksOVEgJv0/fSg6JiJLrm9VrmQvuoyoLRqc2uDMIUZC+/C8iiUnOxCDbIU9Ce7VXKnP Y9ruYiGGKbBjXbhTSoNEiTao47noAW5Azlz++msQaWjWekHIWRI0R00OfyrTWCDbG4v2 e6QRYVEZ8xeD7Z39EplIQdnSb/epeGoy66fN4=
In-reply-to: <BANLkTim7VhJX3Xadpv3RgBi-xNyk+kF6_A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <BANLkTim7VhJX3Xadpv3RgBi-xNyk+kF6_A@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

> I ran a tor exit node at that time, and I am confident somebody
> mis-used our tor exit node, as our WLAN is WPA2 encrypted.

This is one reason that if you are in any way [1] mixing:
a) your own use of the internet/Tor
and
b) running an exit relay
you should seriously consider logging either:
a) your own traffic (whether via internet or Tor)
b) exit traffic
c) both
To cover your ass. At least this way you'll have some form of
log you can present if needed to give more weight to an
explanation.

This is easily accomplished by segmenting your network
into separate VLAN's or interfaces and using passive
monitoring such as netflow or tcpdump to capture IP
traffic headers.
It's also easy to encrypt the logs of at least your own traffic
to prevent needless profiling from that data source
should your systems be borrowed against your will.

I'm sure others will argue 'logging bad' and 'legal footing',
so I won't cover those aspects here. To each their own.

[1] Shared computers, IP addresses, physical location,
cohabitation, owners, etc.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Police was here - whats next?
  - From: andrew

References:
- [tor-talk] Police was here - whats next?
  - From: Clemens Eisserer

Prev by Author: Re: [tor-talk] Using passwords with TOR
Next by Author: Re: [tor-talk] Cannot upgrade tor-devel under FreeBSD
Previous by thread: Re: [tor-talk] Police was here - whats next?
Next by thread: Re: [tor-talk] Police was here - whats next?
Index(es):
- Author
- Thread