[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
From: Green Dream <greendream848@xxxxxxxxx>
Date: Thu, 6 Oct 2016 11:07:40 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 06 Oct 2016 14:07:58 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=wAzgsVCBoIaUcordbVFp6V6VhzBgZzVmyXj5tcW9FWA=; b=lT9M6w+JzgY82Rb2w8dnaOlLLkVpocMjppxMzSdlPhLcw4kLiCm/jjM5RU5brDNFmk SoEzhZgy7ce8Lm7dM8xwhYLuP3lsm434ltqIZxo3+l/waWR8SOSHING9MTOaLyPXU0+K 3wsrJcEki5CQOTh6MtLl+/wdUEKyulBMgToVTjoP2XmYCV9SPtcZsU3+sYdF/Bnu0tjr 9qnKNx7GcL5WiKfpzQduvCkGu0/nUZ9vKQATO4COXvLgxP3h6O1SKUcUYI4trl3FI/be rOvrU0w1RFJDcgqmrVRVkIPdD4V18yyGpVzUZVvHJVbYz0pZvncO9iase9uBNlx3Vxtm oLXA==
In-reply-to: <1TM.aI45.5w2C}825cSY.1NzYHR@seznam.cz>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <07cb3c0b-8f04-5068-6914-cdf1eaa3e766@riseup.net> <9c712fac-bcd4-41eb-0aeb-f4b2bf03d967@web.de> <CA709144-51E7-485B-B87B-1599DF978545@brazoslink.net> <20161004194234.GB17094@moria.seul.org> <Vhw.aI2o.5T3qSOk7W3J.1Nz1C1@seznam.cz> <8e7f739a-7879-099b-a1c1-792b9ce089b5@horus-it.de> <VnI.aI2{.6Clab1ZXq93.1Nz2LK@seznam.cz> <C263492D-5C73-4BF9-985B-ED2A449DE350@googlemail.com> <W42.aI2E.1Wf3C1ftsrA.1NzATB@seznam.cz> <B4EB4AB0-AEFE-473F-A732-6AA2A9C18708@gmail.com> <CAAd2PDJDneFj4hCeocLGdnYsxvnMQ1Hd2nzpQvhZb67_riBgnQ@mail.gmail.com> <1TM.aI45.5w2C}825cSY.1NzYHR@seznam.cz>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

@oconor:

> Let me ask you a short question. Have you ever worked with IPS?


Yes. Please see my later email in this thread. I have experience with
Snort, Bro and proprietary IPS/IDS systems from Cisco and Palo Alto. I
also worked at a university's network operations helpdesk, where we
received hundreds of DCMA and abuse requests every week. I'm entirely
aware of the work required. I understand fully you have a job to do,
and I'm not immune to your or other provider concerns. I just don't
think IPS is the right solution for Tor exits.

If we're going to change anything I think it needs to happen within
Tor software. Operators could leverage the existing "Exitpolicy
reject" rules, or Tor could add functionality there if it's missing.
Whatever we do, I think it needs to be uniform and transparent.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: teor

References:
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Mirimir
- [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: pa011
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: BlinkTor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Roger Dingledine
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Ralph Seichter
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Markus Koch
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: teor
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: Green Dream
- Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
  - From: oconor

Prev by Author: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Next by Author: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Previous by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Next by thread: Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Index(es):
- Author
- Thread