[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
From: mick <mbm@xxxxxxxxxx>
Date: Wed, 9 Mar 2011 16:17:32 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Mar 2011 11:17:52 -0500
In-reply-to: <20110308183512.15c203c7@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <201103081004.p28A4DNm014704@xxxxxxxxxxxxx> <20110308183512.15c203c7@xxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

On Tue, 8 Mar 2011 18:35:12 -0800
Robert Ransom <rransom.8774@xxxxxxxxx> allegedly wrote:

> On Tue, 8 Mar 2011 04:04:13 -0600 (CST)
> Scott Bennett <bennett@xxxxxxxxxx> wrote:
> 

[much snipped]

> > >Using Tor to scan the internet is a good way to see how the
> > >internet looks from different perspectives at once, which can be
> > >quite valuable.
> > >
> >      I disagree and, as noted above, treat that as a cracking
> > attempt.
> 
> Why do you consider a portscan to be an attempt to gain unauthorized
> access to your computer?
> 
> 
> Robert Ransom

I'm with Scott. Whilst I don't necessarily agree that a portscan is an
attempt to gain unauthorised access, I don't like them for the
following reasons:

- they are /indicative/ of reconnaisance activity which may be a
  precursor to later attack. 

- they tend to irritate ISPs (and corporations which log such
  activity). If the scan comes from a system for which I am
  responsible, they will likely vent that irritation at me.

-  scans /can/ and /do/ cause DOS on some devices. A cursory search
  of bugtraq archives should unearth plenty of examples. Some examples I
  am aware of (though admittedly unlikely to reachable from a Tor exit
  node) are the HP procurve switch, some Jetdirect printers, some
  Netgear DSL routers etc. As I have pointed out before, this is
  illegal in the UK (our legislation being "laughably absurd" doesn't
  stop it being the law.)

And as Scott said, I don't see why EFF should place the operators
of Tor nodes at risk by using Tor as a scanning tool. 

Mick   

---------------------------------------------------------------------

The text file for RFC 854 contains exactly 854 lines. 
Do you think there is any cosmic significance in this?

Douglas E Comer - Internetworking with TCP/IP Volume 1

http://www.ietf.org/rfc/rfc854.txt
---------------------------------------------------------------------

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
  - From: Chris Palmer
- Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
  - From: Fabio Pietrosanti (naif)

References:
- Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
  - From: Scott Bennett
- Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
  - From: Robert Ransom

Prev by Author: Re: [tor-relays] first using bridge then become bridge
Next by Author: Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
Previous by thread: Re: [tor-relays] Network Scan through Tor Exit Node (Port 80) - PORTSCAN
Next by thread: Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)
Index(es):
- Author
- Thread