[tor-relays] Network Scan through Tor Exit Node (Port 80) - PORTSCAN

grarpamp grarpamp at gmail.com
Wed Mar 9 08:57:02 UTC 2011


> Why do you consider a portscan to be an attempt to gain unauthorized
>> access to your computer?
>
> The management of the portscan it's really a pain, i got my server on
> Hetzner.de disconnected again due to portscan getting out from my TOR
> exit node.
>
> We *really* need to find a technical way to be able to detect and block
> outgoing portscan from the TOR exit nodes.

As Tor exits are a curious mix of common carrier and end user
in this case... If of concern, I'd simply suggest the application of an IDS
and blocking system to your exit traffic. Bro, Snort, filters, some other
applicable system, whatever it may be. There is certainly precedent
for doing so in a common carrier agnostic fashion in other areas
of the internet, no reason that Tor must be any different. And no reason
that such application would have any adverse affect on the underlying
principles of Tor to which we all might ascribe.


More information about the tor-relays mailing list