[tor-relays] Intrusion Prevention System Software - Snort or Suricata
krishna e bera
keb at cyblings.on.ca
Thu Oct 6 02:17:17 UTC 2016
On 05/10/16 06:20 PM, Green Dream wrote:
> Criminals using Tor is not a new problem. It's addressed as the first
> question in the Abuse FAQ, here:
> https://www.torproject.org/docs/faq-abuse.html.en#WhatAboutCriminals
>
> and it's discussed by the EFF here:
> https://www.eff.org/deeplinks/2014/07/7-things-you-should-know-about-tor
Exactly, but criminals/dissidents/spies/researchers a.k.a. arguably
legal content, is only half the issue.
The other half is something that maybe Tor people can and should do
something about (carefully of course) when we can detect it, namely
disruption of the network. This means things like
- floods
- DDoS
- active timing attacks
- messing with DNS
- re-routing
Since these are mostly also problems for ISPs, there may be room for
cooperation. One sample question is, if we didnt have to rely only on
the information from Tor nodes, could we do better at automatically
dealing with certain problems?
More information about the tor-relays
mailing list