tor

Steve Pirk orion at pirk.com
Wed Jun 24 22:43:55 CDT 2009


On Wed, 24 Jun 2009, Rod Beck wrote:
> This has nothing to do with telecommunications or any kind of carrier or
> business relationship. This is intentionally leaving your computer open
> so that anyone on the Internet can come along and appear to be coming
> from your IP, where they will promptly set off doing bad stuff that will
> get traced back to you rather than them. Think of it like intentionally
[snip]

Not sure if this just "happened" to pop up on the radar because of all 
the tor work being done to provide access out of Iran for citizens 
there that are blocked. Probably just a co-incidence, but since I just 
got done reading a bunch and setting up a bridge node (provate relay), 
I can say that there are also levels of liability.

There are tor entry/egress points (where users enter and exit the tor 
netowrk), usually referred to as "exit nodes", and then there are a 
bunch of tor relay nodes. A relay node just becomes part of the 
network, and sends and receives traffic inside the tor network. This 
_should_ be the most common configuration, but some people do not RTM 
and make themselves exit nodes. That is where you get into trouble.
Relay nodes just pass encrypted packets - no exiting allowed.

The third configuration is called a "bridge" node. This is a relay 
that does not tell anyone it is a node. A controller has a copy of 
that nodes public key, and builds a private network.

Moral: you can help with tor without leaving yourself open to sbuse. 
>From what I know, the bigger exit node operators are fully aware of 
the responsibility they have.

--
steve




More information about the NANOG mailing list