Tor and network security/administration

• Previous message (by thread): Tor and network security/administration
• Next message (by thread): Tor and network security/administration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jun 17, 2006, at 6:29 AM, Jeremy Chadwick wrote:

>
> Apologies if this has been brought up before.
>
> Being as I'm not a network administrator myself (although I do filter
> some stuff using pf and ipfw on my severs), I'm curious what NAs
> think of the following technology:
>
> http://tor.eff.org/overview.html.en
>
> The problem I see is that this technology will be used (literally,
> not ideally) solely for harassment (especially via IRC).  I do not
> see any other practical use for this technology other than that.
> The whole "right to privacy/anonymity" argument is legitimate, but I
> do not see people using* Tor for legitimate purposes.
>
> A colleague of mine stated his opinion of my opinion: "Your problem
> with Tor is that you can't control it, isn't it?"  And he's right --
> that's the exact problem I have with it.
>
> Comments/concerns?

It's a proxy botnet, created by social engineering, rather than  
compromised
machines, but apart from that it's indistinguishable from any other.

The approaches you're using for abuse from other open proxies and
botnets should work fine for tor. If you've not dealt with the general
case then fixating on tor is pretty much a waste of time (unless you're
running an IRC network, perhaps).

Cheers,
   Steve

• Previous message (by thread): Tor and network security/administration
• Next message (by thread): Tor and network security/administration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]