[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Suggestion to make Tor usage more disguised



On 01/16/2016 05:20 AM, Elrippo wrote:
> Well, you are forgetting that all TOR relays are using an IP, and these IP's are stored in a public list.
> So you do not have to check your logs as a network admin, you just have to download the list every 24H and wright and a simple script (and make use of iptables on a Unix Server) to deny the initiative connection to a TOR entry node, simple as that.
> It is more an attitude of the network setup and corporate understanding towards TOR.

Exactly. Furthermore, Tor clients make connections to Tor directory
authorities in order to fetch the consensus documents, in the event that
the client doesn't have the necessary network information. The IP
addresses of the dirauths are hard-coded into Tor clients. System
administrators can simply look for connections to these dirauths to
discover new Tor clients. Existing clients can fetch new consensus data
from existing Tor relays.

There are several ways to detect if someone is using Tor, and most of
those methods can be thwarted by using a bridge with a pluggable
transport, like obfs4. Tor relays should have reverse DNS and a nice
landing page, possibly even one they wrote themselves. It just makes the
whole network more friendly for the rest of the Internet.

It's "Tor", not "TOR".

-- 
Jesse V

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays