[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)



On Wed, 2 Mar 2011 10:39:44 -0800
Chris Palmer <chris@xxxxxxx> wrote:

> On Mar 2, 2011, at 5:04 AM, Mitar wrote:
> 
> > And what is even more interesting is that our ISP was much more eager
> > for us to reply to those complaints than to complaints for us running
> > a Tor exit node some time ago. At that time they didn't even require
> > from us to respond. They just forwarded us e-mails in a FYI manner.
> > Maybe they changed some policies in meantime.
> 
> Beats me. I hypothesize that some people think scanning is the same as fuzzing or DoSing or sending actual attack packets or something, because they don't know the difference.

That's probably because 'intrusion detection' tools report network
scans as attacks.  Unfortunately, an IDS's author has an incentive to
continue misrepresenting scans as attacks because if he/she/it does not,
his/her/its competitors will advertize the fact that their software
detects more types of 'attacks'.


Robert Ransom

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays