[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
From: krishna e bera <keb@xxxxxxxxxxxxxx>
Date: Wed, 5 Oct 2016 22:17:17 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 05 Oct 2016 22:19:22 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyblings.on.ca; s=google; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=VuVrnmx8fHb9lqd2GISQ5P2yvBWJVLVBp7X7oeCt1og=; b=ih74kMSTKj7IHNJtp0w8n2qaIlVcmdM174GQZ7K7M66riY274prRzqRxfDfG4L1MaY Y+iPYJCLDTrBz8LNcFiaeXOnRZtQo3LkwMfm7lUIbIpRlh/aXdFH2vO454IGsMiHIqlJ gDP6jsSZ2FsVWLPe2RnmK+DXUX5GMec30ejJY=
In-reply-to: <CAAd2PDLnQ1LZj1KCB4wB3T_iq=erEsaZpi9cR1yqG7uUeyD-wA@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <9c712fac-bcd4-41eb-0aeb-f4b2bf03d967@web.de> <8e7f739a-7879-099b-a1c1-792b9ce089b5@horus-it.de> <VnI.aI2{.6Clab1ZXq93.1Nz2LK@seznam.cz> <C263492D-5C73-4BF9-985B-ED2A449DE350@googlemail.com> <W42.aI2E.1Wf3C1ftsrA.1NzATB@seznam.cz> <B4EB4AB0-AEFE-473F-A732-6AA2A9C18708@gmail.com> <07cb3c0b-8f04-5068-6914-cdf1eaa3e766@riseup.net> <CAAd2PDJDneFj4hCeocLGdnYsxvnMQ1Hd2nzpQvhZb67_riBgnQ@mail.gmail.com> <CAKkV4FEM4C9hergsOBMpfEcP+iQSxVqSA3d-3cC5DDx0r2Ku1A@mail.gmail.com> <CAAd2PDK=UhZT_t42o-xAUp9VWGZSLtZoWQBTHqrdCHgwRr5g2w@mail.gmail.com> <CALsPhAEAc64eLJfk2vOmUqmbOrC9DzAMwR-jWMgERXnOAPwYMQ@mail.gmail.com> <CAAd2PDLrh34y2486Bbs7eZE63BxVQchyMNfB+fTX=W_ZXvit5A@mail.gmail.com> <CALsPhAFJJE6Kk-D_xwp_hZGx3o_9UNLV+sFhZgYoG1sNX7O9cA@mail.gmail.com> <CAAd2PD+aHZFszeLmL6sVu2D8Z_-atjMHnRbpQpfxSvDUTpxGJA@mail.gmail.com> <CAKkV4FGN3m8AvAyfD-ege_JHANjKASgigwu02A4HLoAneYXAKg@mail.gmail.com> <CAAd2PDLnQ1LZj1KCB4wB3T_iq=erEsaZpi9cR1yqG7uUeyD-wA@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.3.0

On 05/10/16 06:20 PM, Green Dream wrote:

Criminals using Tor is not a new problem. It's addressed as the first
question in the Abuse FAQ, here:
https://www.torproject.org/docs/faq-abuse.html.en#WhatAboutCriminals

and it's discussed by the EFF here:
https://www.eff.org/deeplinks/2014/07/7-things-you-should-know-about-tor

Exactly, but criminals/dissidents/spies/researchers a.k.a. arguablylegal content, is only half the issue.

The other half is something that maybe Tor people can and should dosomething about (carefully of course) when we can detect it, namelydisruption of the network. This means things like

- floods
- DDoS
- active timing attacks
- messing with DNS
- re-routing

Since these are mostly also problems for ISPs, there may be room forcooperation. One sample question is, if we didnt have to rely only onthe information from Tor nodes, could we do better at automaticallydealing with certain problems?


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: pa011
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Ralph Seichter
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Markus Koch
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: teor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Mirimir
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Tristan
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Markus Koch
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Markus Koch
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Tristan
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream

Prev by Author: [tor-relays] monitoring the relay : zabbix?
Next by Author: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Previous by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Next by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Index(es):
- Author
- Thread