Hi! Maybe I am not such a big expert but this is a good chance for me to expose my understanding so others could correct me if I am wrong. On Sun, 2013-10-27 at 17:27 -0700, Nelson wrote: > Again, I tested this and with PeerBlock I can actually block known ip's > of the nodes you mention (not something TOR is intended for, or I want > to do or need to do), and for all intents and purposes if "my > organization" had sufficient resources, knowing that we could actually > create blocklists to prevent traffic coming to and from unwanted middle > and exit nodes, then will be in effect "shaping traffic flow"? > Considering of course "we" had "several" relays ourselves? I understood that you want to simply block other tor servers so only (or mostly) your tor servers will be allowed. From my understanding you cannot attack tor that way: a) You need to get client connections. But with such a configuration other tor servers cannot connect to you. and one part of the process is, that other servers connect to your server to measure the speed. b) A client tries to build a circuit. from my understanding, the client is choosing the servers to use. So even if a client connects to your server then the creation of the circuit will fail and the client will build up some other circuit instead. But as a I tried to said before: I am not an expert so far. It is just my understanding which could be completly wrong. With kind regards, Konrad -- Konrad Neitzel <konrad@xxxxxxxxxx>
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays