
Re: [tor-dev] Should cloud-hosted relays be rejected?



> We sometimes see attacks from relays that are hosted on cloud platforms.
> I have been wondering if the benefit of having cloud-hosted relays
> outweighs the abuse we see from them.

I don't think banning GCE, AWS and MS Azure is an efficient method to
significantly increase the cost of attacks because it is trivial for an
attacker to quickly spin up "a large number of disposable machines" at
other ISPs as well.

Detecting new groups of relays in a single AS that all sign up in a
short timeframe is trivial (DocTor does and did that already [1][2],
OrNetRadar [3] does it as well).

Should you decide to continue generally blacklisting entire ISPs/ASes/IP
ranges:

Please add that info (including the banned ISPs/ASes/IP ranges) to the
documentation (i.e. relay setup guides [4]) so volunteers don't waste
their time and money to set up blacklisted relays [5].


[1] https://lists.torproject.org/pipermail/tor-consensus-health/2015-July/005955.html
[2] https://lists.torproject.org/pipermail/tor-consensus-health/2015-July/005974.html
[3] https://lists.riseup.net/www/info/ornetradar
    http://news.gmane.org/gmane.network.onion-routing.ornetradar
[4] https://www.torproject.org/getinvolved/relays.html.en
[5] https://lists.torproject.org/pipermail/tor-relays/2015-August/007655.html


_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
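
The detection mentioned in the message above (new groups of relays in a single AS that all sign up in a short timeframe), sketched as an added example; it is not part of the original post and is not DocTor's or OrNetRadar's code. The record layout, the 24-hour window, the threshold of five relays and the sample data (documentation-range AS numbers) are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def find_signup_bursts(relays, window_hours=24, min_size=5):
    """Return {asn: [fingerprints]} for each AS in which at least `min_size`
    relays were first seen within a single span of `window_hours`."""
    window = timedelta(hours=window_hours)
    by_as = defaultdict(list)
    for fingerprint, asn, first_seen in relays:
        by_as[asn].append((first_seen, fingerprint))

    flagged = {}
    for asn, seen in by_as.items():
        seen.sort()                      # oldest first
        start, best = 0, []
        for end in range(len(seen)):
            # Slide the left edge forward until the span fits the window.
            while seen[end][0] - seen[start][0] > window:
                start += 1
            if end - start + 1 > len(best):
                best = seen[start:end + 1]
        if len(best) >= min_size:
            flagged[asn] = [fp for _, fp in best]
    return flagged


def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


# Constructed sample: (fingerprint, AS number, first-seen time).
SAMPLE = [
    ("FP01", "AS64500", ts("2015-03-01 09:00")),   # long-running relay
    ("FP02", "AS64500", ts("2015-08-01 10:00")),   # burst starts here
    ("FP03", "AS64500", ts("2015-08-01 10:05")),
    ("FP04", "AS64500", ts("2015-08-01 10:20")),
    ("FP05", "AS64500", ts("2015-08-01 11:00")),
    ("FP06", "AS64500", ts("2015-08-01 12:30")),
    ("FP07", "AS64500", ts("2015-08-01 13:00")),
    ("FP08", "AS64501", ts("2015-07-01 08:00")),   # one relay per week
    ("FP09", "AS64501", ts("2015-07-08 08:00")),
    ("FP10", "AS64501", ts("2015-07-15 08:00")),
    ("FP11", "AS64501", ts("2015-07-22 08:00")),
    ("FP12", "AS64501", ts("2015-07-29 08:00")),
    ("FP13", "AS64502", ts("2015-08-01 10:00")),   # pair, below threshold
    ("FP14", "AS64502", ts("2015-08-01 10:01")),
]

if __name__ == "__main__":
    for asn, fps in find_signup_bursts(SAMPLE).items():
        print(asn, len(fps), "relays first seen within 24h:", ", ".join(fps))
```

Widening the window (for example to 30 days) also flags the AS where relays were added one per week, which shows how the choice of window trades missed slow rollouts against false positives on ordinary growth.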