On Tue, 01 Mar 2011 13:34:23 -0800 Jacob Appelbaum <jacob@xxxxxxxxxxxxx> allegedly wrote: <snipped> > > > > > I am attracted to cmeclax's idea of some form of torrc config option > > which could limit the potential for deliberate (or accidental but > > "reckless") scanning. Is there any mileage in pursuing something > > like that further? And if not, are there any other (current) > > recommended configurations which could mitigate possible problems? > > > > I don't think such a configuration option makes any sense at all. We > have many streams on a given circuit for load balancing. A clever > scanner would simply use one circuit per connect attempt and it would > generate a lot of load on the network. > > I'd suggest that if you're concerned about someone making connections > from your computer, it's probably a bad idea to run an Exit node... OK, so that idea may not be a runner - but surely the whole purpose of the exit policy system is to allow us to run exit nodes which /do/ limit activity to that which we deem acceptable (or legal). Mick --------------------------------------------------------------------- The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this? Douglas E Comer - Internetworking with TCP/IP Volume 1 http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays