[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Making TOR exit-node IP address configurable

Thus spake Moritz Bartl (moritz@xxxxxxxxxxxxxx):

> On 10.03.2011 08:21, Fabio Pietrosanti (naif) wrote:
> > Again, that's true only if you are damaging user's traffic and so your
> > "filtering" doesn't break in any case:
> > a) don't break user traffic
> > b) don't break exit scanner traffic
> > c) break "just some kind" of more noisy and malicious/aggressive
> > traffic
> If I was scanning my own /21 through Tor, would that be user traffic, or
> malicious traffic?
> If I was fuzzy scanning web applications on my own server through Tor
> because some malware has infected my server that ignores requests from
> my home country, would that be user traffic, or malicious traffic?

Exactly. Perhaps we should just check for RFC 3514 compliance at entry
nodes? :)

In all seriousness, the only way this can fly is if it is transparent
to the user, and doesn't ever actually block their activity.

I described how such a system could work here, but someone would have
to build it:

Any other system that tries to only break "just some kind" of
malicious traffic is bound to fail (and in rather hilarious ways).
Skynet just isn't that good yet.  Maybe some day the machines will
protect us from ourselves, but that day is not today.

Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpDcK6M0TTEE.pgp
Description: PGP signature

tor-talk mailing list