[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor exit node issues

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor exit node issues
From: CJ <tor@xxxxxxxx>
Date: Fri, 2 Oct 2015 08:27:24 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 02 Oct 2015 02:27:42 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tengu.ch; s=2015; t=1443767246; bh=fym6lzLKRQw1zu6HBzL8CsTttVTz7J2uTo78RHc4TaE=; h=Subject:To:References:From:Date:In-Reply-To:From; b=joQGzV1s42yAzvXfkzd6AAfiDZWbdnnWQIpItn4ZLSwbOPorW27T8uJEL6SxJbMFC jJcoOyszOlorcKY0QRifU0mIvLS5vMA4YZM2cGGw9KJTUgj1X4Rw8U66Bd1gMHEy3s sU226eV7mu22oOP8ql+tXRFZBwRpx/0YvExAqnPU=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tengu.ch; s=2015; t=1443767246; bh=fym6lzLKRQw1zu6HBzL8CsTttVTz7J2uTo78RHc4TaE=; h=Subject:To:References:From:Date:In-Reply-To:From; b=joQGzV1s42yAzvXfkzd6AAfiDZWbdnnWQIpItn4ZLSwbOPorW27T8uJEL6SxJbMFC jJcoOyszOlorcKY0QRifU0mIvLS5vMA4YZM2cGGw9KJTUgj1X4Rw8U66Bd1gMHEy3s sU226eV7mu22oOP8ql+tXRFZBwRpx/0YvExAqnPU=
In-reply-to: <560DB757.1090005@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <560D81B7.1090209@xxxxxxxx> <560DB757.1090005@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.2.0


On 10/02/2015 12:44 AM, Moritz Bartl wrote:
> On 10/01/2015 08:55 PM, CJ wrote:
>> I'm wondering if I could configure an exit proxy between my exit node
>> and the clear net in order to deny accesses to specific URL parts,
>> like "wp-login.php" and other well-known stuff.
> 
> No, this is not possible in any useful way, sorry. You will mess with
> user traffic, which is something you should never do. It will break
> stuff for regular users. I strongly advise against this, and if it is
> detected your relay will be blacklisted for exiting. Also, you might
> open yourself to severe liability issues if you modify or influence
> forwarded traffic. As an example, Â512 of the US DMCA law only applies
> if "[...] the transmission, routing, provision of connections, or
> storage is carried out through an automatic technical process without
> selection of the material by the service provider" and "the material is
> transmitted through the system or network without modification of its
> content" [1]. Similar passages exist in any country where I have looked
> at the laws, including all of European Union through 'harmonization' of
> each countries laws to meet the requirements of the respective EU
> directive [2]. The relevant laws of several countries are linked in the
> "Tor Exit Guidelines" (please add more countries). [3]
> 
> What you should do instead is convince your ISP to have you listed as
> the abuse contact for the IP address so you don't add to their workload.
> Some ISPs have written scripts that forward abuse complaints to their
> customers automatically based on custom IP addresses mentioned in the mails.
> 
> [1] https://www.law.cornell.edu/uscode/text/17/512
> [2]
> http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000L0031:En:HTML
> [3] https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
> 

Hello Moritz,

thank you for your feedback. I'll try to convince my provider to put me
as "abuse contact" so that I can handle those emails without having to
make 10'000 emails (to the provider, to the "victim" and so on), but I'm
pretty sure they won't: they already didn't want to deactivate their
"netscan" thing that triggers alarm for nothing as well, though I
already told them the IP is dedicated, running on a dedicated instance,
that runs only Tor as exitâ
I'm pretty sure I'll have to cut this exit down, and won't be able to
run a new one elsewhere :(.

The proxy thing was an elegant solution, displaying a 403 error when
people try to access the pages â but indeed, this can as well deny
access by legit usersâ It's a pity seeing that many bots using Tor, and
we cannot do anything against this kind of usage (well, of course, this
is intended ;) ).

Cheers,

C.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor exit node issues
  - From: CJ
- Re: [tor-talk] Tor exit node issues
  - From: Moritz Bartl

Prev by Author: [tor-talk] Tor exit node issues
Next by Author: Re: [tor-talk] pidgin and tor
Previous by thread: Re: [tor-talk] Tor exit node issues
Next by thread: [tor-talk] Internet access
Index(es):
- Author
- Thread