[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] SSH scans from Tor exit

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] SSH scans from Tor exit
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Wed, 30 Apr 2014 16:21:14 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 30 Apr 2014 16:21:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=iuu0RxmJvEToIWD7s72JuDjZnsq9PIwIuqzBG1HDRUc=; b=KaEUFKmBatIP6UvFqU+XZaiefqnOF9ILtpUC2yiBEc6L5uD+rGBHLt9iOkaj8/m5GD xrdA0sPRo7AGPkCcK5IgVogCExUah906a5cMRj+6NnrcB2xDzOCcTKCYUyZiMao5uNkK k3uRKwDT0ZQSQBwRiok5d356cfifXEqbVlrSpGSmpyZPIj/0MiSsnnqBIUvyzJIwELJO 6qKQMgyclds+ARnViSs3ggJ7WwzHQtRPaG8WcTe1kWCrfkrRSCcM9zihljSHp/EBfsaS 2y8CfEJCN3mxMaJbWICTsP5Iv3d8fcKut575spfpFA4/6M94tFGI//7FlPPwc8aMNDUc 7CKQ==
In-reply-to: <53613D91.9050103@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <105aeadd2d5.00000a7dbeatthebastards@xxxxxxxxx> <535EDA9E.7000402@xxxxxxxxxx> <116035F11C4.00000B49beatthebastards@xxxxxxxxx> <CAKCAbMhf1pe576BKiVGgQuo8qU2TU0eCDUZo=JBkH1xckbhv9g@xxxxxxxxxxxxxx> <535F1B27.7010306@xxxxxxxxxx> <CAD2Ti2-YiCH9gV1VoGaMWR4sGJCdhLRc1L+_A0y+seyBS2iraw@xxxxxxxxxxxxxx> <53613D91.9050103@xxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Apr 30, 2014 at 2:14 PM, Delton Barnes <delton.barnes@xxxxxxx> wrote:

> I'd suggest the problem is administrators treating a Tor exit node the
> same as a compromised machine.

Sure, and it's part of the sometimes improper administrivia kneejerk
response. And the SCREAMING involved with this one certainly incites
an unbalanced response upon the less experienced/knowledgeable.

> these attacks, so administrators should have to just accept them."

The operator of agnostic midpoint carriage services / relay is different
than the ISP of the following two machines, and different than the
targeted machine, or the attacking machine. Each has different rules
of play available to them, with the midpoint carrier likely having least
duty among them to do anything. It's not as if blocking exit:22 to the
reporter's machine is going to do anything useful on their end given
the rest of the internet they're open to, but if you want to appease them
and your upstream, feel free. I wouldn't, but to each their own relay policy :)
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- Re: [tor-relays] SSH scans from Tor exit
  - From: s7r@xxxxxxxxxx
- Re: [tor-relays] SSH scans from Tor exit
  - From: I
- Re: [tor-relays] SSH scans from Tor exit
  - From: Zack Weinberg
- Re: [tor-relays] SSH scans from Tor exit
  - From: Michael Wolf
- Re: [tor-relays] SSH scans from Tor exit
  - From: grarpamp
- Re: [tor-relays] SSH scans from Tor exit
  - From: Delton Barnes

Prev by Author: Re: [tor-relays] SSH scans from Tor exit
Next by Author: Re: [tor-relays] Bridge Operators - Heartbleed, Heartwarming, and Increased Help
Previous by thread: Re: [tor-relays] SSH scans from Tor exit
Next by thread: Re: [tor-relays] SSH scans from Tor exit
Index(es):
- Author
- Thread