On Tue, 29 Sep 2009, grarpamp wrote:
Finally, what generalizations can be made about the behaviors that eventually lead to a police interaction ?Carding, cracking, death threats, piracy, all the usual things and more. Seems pretty obvious. Tor just makes it interesting because it's simply a newfangled carrier that can be used for good or bad. No different than if you were to set up asterisk with a [t/e]-1 and call yourself a phone company. That's where the raid/arrest risk lies... not enough
No, no - I understand what the behavior in meatspace is like - I wonder what the behavior looks like on the network.
Take carding ... presumably that all takes place on 443, as carders use online merchants to either test or use the cards. I'm guessing meta-carding (forums for trading, etc.) also take place on 443.
Spam is on 25. System intrusion could be anywhere, I guess.I assume that the child pornography is either in the same places as the piracy (bittorrent on well known ports and usenet ?) or also on 443 ...
And round it out with DoS and other foolishness on 6666/6667 (irc).Are these fair generalizations, and thus I could start to guess about a "safer" exit node configuration ... perhaps 22 and 80 ? I would think an SSH based BBS for trading pirated/illegal content must be very rare, if not non-existent, and nobody would be doing serious lawbreaking on plain old port 80 ?
In reality, I run more open than just 22 and 80, but I'd like to know if this line of thought is going in the right direction at all ... can we even make generalizations about TCP traffic policy decisions that will minimize police contact ?
*********************************************************************** To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/