[90869] in North American Network Operators' Group
Re: Tor and network security/administration
daemon@ATHENA.MIT.EDU (Steve Atkins)
Sat Jun 17 11:48:23 2006
In-Reply-To: <20060617132902.GA56012@icarus.home.lan>
From: Steve Atkins <steve@blighty.com>
Date: Sat, 17 Jun 2006 08:47:46 -0700
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
On Jun 17, 2006, at 6:29 AM, Jeremy Chadwick wrote:
>
> Apologies if this has been brought up before.
>
> Being as I'm not a network administrator myself (although I do filter
> some stuff using pf and ipfw on my severs), I'm curious what NAs
> think of the following technology:
>
> http://tor.eff.org/overview.html.en
>
> The problem I see is that this technology will be used (literally,
> not ideally) solely for harassment (especially via IRC). I do not
> see any other practical use for this technology other than that.
> The whole "right to privacy/anonymity" argument is legitimate, but I
> do not see people using* Tor for legitimate purposes.
>
> A colleague of mine stated his opinion of my opinion: "Your problem
> with Tor is that you can't control it, isn't it?" And he's right --
> that's the exact problem I have with it.
>
> Comments/concerns?
It's a proxy botnet, created by social engineering, rather than
compromised
machines, but apart from that it's indistinguishable from any other.
The approaches you're using for abuse from other open proxies and
botnets should work fine for tor. If you've not dealt with the general
case then fixating on tor is pretty much a waste of time (unless you're
running an IRC network, perhaps).
Cheers,
Steve
