[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Amazon abuse report



On Friday 01 Nov 2013 20:57:54 Ted Smith wrote:
> On Sat, 2013-11-02 at 01:27 +0100, Lunar wrote:
> > Nelson:
> > > Please excuse my ignorance operating Tor relays, but if I run an exit
> > > node on Windows 7 and use something like Peerblock and correspoding
> > > block lists of P2P sites, wouldn't this be somewhat effective in
> > > stopping this sort of undesired traffic on Tor?
> > 
> > No. If the relay says it will deliver a connection in its exit policy,
> > it has to carry it. Otherwise, it will give erratic behaviour on the
> > client side and this is bad. The relay should be flagged BadExit by the
> > authority operators.
> 
> Of course, there's nothing stopping you from hooking something like
> Peerblock up to Tor's control port interface and automatically updating
> your exit policy to block connections to torrent trackers and peers.

Good idea. :)  So let me revise my earlier posts: to reject connections to 
trackers do something like

ExitPolicy reject *:2710

This will block connections to the Ocelot and XBTT (I think) tracker software 
on their standard ports.  Blocking trackers on port 80 is more difficult, 
obviously.

To be honest, I wouldn't worry too much about blocking peers; a whitelisted 
exit policy will take of that, since torrent peers tend to use fairly high 
range non-standard ports.  

One (perhaps nasty) rare case is someone using OpenVPN over Tor, and then 
torrenting over the VPN, especially since VPN providers will permit port 
forwarding at their endpoint.

I can see people wanting to VPN over Tor for increased anonymity (especially 
if the VPN provider accepts anonymous payment) but how popular is this use 
case?  Does anyone have any hard numbers?

-- 
Parity
parity.boy@xxxxxxxxx
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays