[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Blocking Tor - solutions?

On Wed, 15 Feb 2012 18:17:34 +0100
Matej Kovacic <matej.kovacic@xxxxxxxxx> wrote:
> what are the solutions if someone is downloading list of IP addresses
> of Tor exit points and block access to his website from this IP
> addreses?

There is no easy, nor good solution right now. A solution that exists is
to run an unpublished exit relay. You then change the tor client to
allow .exit notation and use your private exit relay. I have heard of
some orgs that do this and share their exit relay with their

They use the normal tor network for everything they can, and then
switch to the private-relay.exit notation when needed. If the exit relay
is discovered (whether through cracking, law enforcement collection,
etc), then it could be much easier to map out who used it. It also may
increase liability because the exit relay operator cannot use the easy
explanation of "it was a public tor exit relay, therefore not my

The private exit relay still doesn't know where the client is in the
world, but not what the client is doing if using ssl and the like. The
org would possibly know what set of humans have access to it.

This is in no way condoning this option, but I'm continually surprised
at the creativity involved by others in using tor.

pgp 0x74ED336B
tor-talk mailing list