[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hacker strikes through student's router

On 11/9/05, Geoffrey Goodell <goodell@xxxxxxxxxxxxxxxx> wrote:
On Tue, Nov 08, 2005 at 10:14:31PM -0500, Anthony DiPierro wrote:
> How hard would it be to run a Tor exit node which accepts GET requests but
> not POST requests? Or, possibly, POST requests could simply be passed on to
> another Tor exit node? Would it be ethical to do this? You'd have to examine
> the traffic to see if it was a GET or a POST, but you wouldn't have to store
> anything.

The difference between filtering by transport-layer headers (e.g. port
number) and filtering by application-layer headers (e.g. HTTP request
type) is one of degree, not one of kind.  Whether it is ethical to do
this is debatable.  However, right now there does not exist a way to
describe this sort of filtering in the exit policy, and thus may degrade
client performance.  Also, it is not possible (without substantial
modification to Tor) to simply pass along the request to another Tor
node, since this would mean somehow extending the circuit and
reattaching the stream in-flight!

Intuitively, if there were a magical box that could filter out "evil"
traffic while allowing all "good" traffic to pass, it would be great to
deploy it at every exit node.  However, the nature of communication is
such that this is either difficult or impossible to quantify.

A more pressing problem that still needs to be addressed is, how do we
deal with cases in which such filtering is happening already?  Not only
can Tor node operators firewall their exits, but their upstream ISPs can
null-route traffic to particular destinations...

Maybe we should look into implementing RFC 3514 filtering based on the "evil bit".  As an advantage that works at the same layer as Tor.  :)
Seriously though, this is kind of the response I expected.  I'd be a bit nervous about putting up a server which allowed unfiltered port 80 traffic, as far as getting in trouble with my ISP.  I'm sure a lot of people feel the same way, too.  Even just allowing GET requests would take load off the other exit nodes, but apparently this isn't really possible with the implementation of Tor.
Anyway, I guess filtering by IP address would be the safest way to go there, and would still potentially draw a bit of traffic if you include some popular services.  Of course the best scenario would be to just get enough people using Tor that the ISPs can't complain without losing lots of customers, but that right now is just wishful thinking.  :)