[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Exit relay operators please help test #2667 branch



Unless you already ruled out that hypothesis by looking at the attack
distribution by source IP:

If dir auths (some or all) are willing to share (privately or publicly) the distribution of
attack load (frequency, bandwidth, ...) by exit source IP in total or relative values
I can correlate this data to strengthen a hypothesis that malicious/suspicious
exits are involved to a greater extend than well-known long term exits.
That could mean that they are not (exclusively) attacking via but _from_ servers that also happen to
run tor exits. 


From another angle this is an interesting precedence
because the tor project uses it's access to protect dir auths
from exit relays. Why is that interesting? Because no one else
that gets attacked via exit relays has that "luxury" to "filter"
it at the "source" (exits).


-- 
https://nusenu.github.io
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays