[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
From: Andreas Krey <a.krey@xxxxxx>
Date: Thu, 6 Oct 2016 05:16:00 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 05 Oct 2016 23:16:15 -0400
In-reply-to: <52500d43-427c-502c-a82c-04c7bca18f4a@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <8e7f739a-7879-099b-a1c1-792b9ce089b5@horus-it.de> <VnI.aI2{.6Clab1ZXq93.1Nz2LK@seznam.cz> <C263492D-5C73-4BF9-985B-ED2A449DE350@googlemail.com> <W42.aI2E.1Wf3C1ftsrA.1NzATB@seznam.cz> <B4EB4AB0-AEFE-473F-A732-6AA2A9C18708@gmail.com> <07cb3c0b-8f04-5068-6914-cdf1eaa3e766@riseup.net> <CAAd2PDJDneFj4hCeocLGdnYsxvnMQ1Hd2nzpQvhZb67_riBgnQ@mail.gmail.com> <b93bdc41-4e97-49c1-5899-33ea9de53039@riseup.net> <20161005203920.GC8860@inner.h.apk.li> <52500d43-427c-502c-a82c-04c7bca18f4a@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Wed, 05 Oct 2016 14:52:53 +0000, Mirimir wrote:
...
> >> no? Why should "... ssh foo@w.x.y.z ... ssh bar@w.x.y.z ... ssh
> >> baz@w.x.y.z ..." get through, if it destroys exits? Maybe someone could
...
> >   for i in subdir/*; do ssh host mkdir -p "$i"; done
> > 
> > with an ssh-agent would look pretty exactly the same to the exit node.
> 
> OK, so I left out the "Permission denied, please try again." bits :)

The exit node doesn't see that - that's the point of ssh. It can
at best look at the session length and timing and infer flakily
from that.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream

References:
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Ralph Seichter
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Markus Koch
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: teor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Mirimir
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Mirimir
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Andreas Krey
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Mirimir

Prev by Author: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Next by Author: Re: [tor-relays] tor relay and syslog logging
Previous by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Next by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Index(es):
- Author
- Thread