Jesse Victors: > I've been running some exit nodes for some time now, and they're doing > well. They've burned through many terabytes of bandwidth, and thanks > to Tor's recommended reduced exit policy, complaints have been > minimal. Clearly the vast majority of the Tor traffic is not > malicious, but I have received some reports from other companies and > from my ISP of hacking attempts: SQL Injection, XSS, botnet C&C, basic > things like that. My ISP now tells me that they could reduce the > reports even further by routing the exits through a "next-generation > firewall" which apparently can detect an obvious clearnet attack and > drop that connection a few milliseconds after the attack occurs. You don't want that. For Tor to work properly, once a packet is delivered to your exit (and the destination is accepted) the packet must be delivered. Otherwise, you are breaking the network and the relay will be a BadExit. But you really don't want that because if you start looking at the traffic and selecting the traffic, then you become liable for what you transport (at least in Europe). -- Lunar <lunar@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays