[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)



On Tue, 8 Mar 2011 04:04:13 -0600 (CST)
Scott Bennett <bennett@xxxxxxxxxx> wrote:

>      On Sat, 26 Feb 2011 12:13:53 -0800 Chris Palmer <chris@xxxxxxx> wrote:
> >On Feb 26, 2011, at 9:53 AM, mick wrote:
> >
> >> No reputable security researcher would a) scan a network without that
> >> network owner's explicit permission, nor b) use tor for that scan.
> >
> >Lots of reputable security researchers who scan the entire internet without getting permission. You can't get permission from every operator in the world, but you still need to do good and interesting research. Examples of reputable researchers who have scanned the whole internet include Dan Bernstein, Dan Kaminsky, and EFF. (At least I think we're reputable. :) ) I don't know for sure, but I can't imagine Arbor, CAIDA, and Renesys can do their jobs without scanning the internet.
> 
>      Well, as I've just finished describing in another topic here, I treat
> scanning of my system as attempted security breaches.  Such scans will not
> elicit any apparent response from my system, except that the scanner's
> IP address will shortly be added to my "block" file, which will deny all future
> access to my tor node's ORPort and DirPort.

So all I need to do in order to block a Tor client or bridge from
connecting to your Tor relay is send a few SYN packets with forged
sender IP addresses?  Brilliant move.


> >Using Tor to scan the internet is a good way to see how the internet looks from different perspectives at once, which can be quite valuable.
> >
>      I disagree and, as noted above, treat that as a cracking attempt.

Why do you consider a portscan to be an attempt to gain unauthorized
access to your computer?


Robert Ransom

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays