[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Exit Node Scanning Status

> Can anyone tell me what mechanisms we (or the Tor Project members)
> have in scanning for malicious exit nodes. Such as nodes that are
> manipulating DNS requests, stripping SSL, etc. I know of the SOAT
> project from Mike Perry but the last I heard there was a GSOC dev
> working on the project. Is that still being used?

Hi Roc. In theory there are SoaT scanners running and sending their
reports to...


... but that hasn't been maintained in quite some time. The last
report to tor-exitscanner@ was on 6/9/12 and as I understand it SoaT
needs a lot of love. In addition to that our process for giving relays
a BadExit flag even after they're reported is really poor, requiring
manual intervention by three extremely busy people.

Like many of our spaces the trouble is that there's no one presently
dedicated to making it better. It looks like a fun area (I've been
tempted to write a SoaT counterpart for years) but lack the bandwidth.
Per chance is this something that you'd be interested in leading?

Cheers! -Damian
tor-talk mailing list