[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] HoneyPot?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] HoneyPot?
From: Mirimir <mirimir@xxxxxxxxxx>
Date: Thu, 29 Oct 2015 15:14:08 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 29 Oct 2015 17:14:31 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1446153260; bh=k+7dT86Qgd6ZakPBAsSU6wLsxlFcR+jC8/EZC8tPOUA=; h=Subject:To:References:From:Date:In-Reply-To:From; b=jaqOpqShjvZdL5X0uz1YoYA2nn1YAkg2+D5CL2m6YOEfOa3hX7ECRT/QDtO094Skr /wQZ97/jG565MsJR1RmxDWQ6TvyA4khkoQCC0pgql39Zq5Vx8glLKBcJ0WvkP8AKlN 8wnrXUvIagmAcXWuTHFT1WsoUArbIJ68jo2rtWyw=
In-reply-to: <CAAd2PDK8vwsq95i4AGM22KkO8JiPA8Q6Qzki7YEecuqUX+0erQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <5632800D.8060501@xxxxxxxxxx> <CAAd2PD+J5ap_3ysgJBUey9L=O5nm__m8VFP1jjmNEqWon5GtRA@xxxxxxxxxxxxxx> <CAAd2PDK8vwsq95i4AGM22KkO8JiPA8Q6Qzki7YEecuqUX+0erQ@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

On 10/29/2015 02:42 PM, Green Dream wrote:
> (Oops, sorry, an errant keyboard shortcut sent the email too early.)
> 
> Mirimir: aside from the nickname, do you have any reason to believe it was
> out of the ordinary? The exit policy mostly only seems to allow
> non-encrypted services (80 but not 443, 143 but not 993), but that alone
> isn't enough to give it the BadExit flag:
> 
> https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays#Whatisabadrelay

I had no reason to wonder about it, except for the name. But the fact
that it only seems to allow non-encrypted services is suspicious.

I'm guessing that it is or was part of some research project that
involves traffic interception.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] HoneyPot?
  - From: Mirimir
- Re: [tor-relays] HoneyPot?
  - From: Green Dream
- Re: [tor-relays] HoneyPot?
  - From: Green Dream

Prev by Author: [tor-relays] HoneyPot?
Next by Author: Re: [tor-relays] HoneyPot?
Previous by thread: Re: [tor-relays] HoneyPot?
Next by thread: Re: [tor-relays] HoneyPot?
Index(es):
- Author
- Thread