[tor-relays] Intrusion Prevention System Software - Snort or Suricata
Ralph Seichter
tor-relays-ml at horus-it.de
Thu Oct 6 10:33:20 UTC 2016
On 06.10.16 12:12, oconor at email.cz wrote:
> There is a possibility of parsing log of IPS a do actions with the
> policies.
I don't trust any IPS that I have seen so far to come up with smart
enough exit policies. If I were to use an IPS to dynamically limit
inbound traffic (on a non-Tor server) and the IPS gets things wrong,
only my own server is affected. If an IPS gets outbound Tor policies
wrong, it potentially affects a lot of people.
Manually dealing with complaints is a chore, but I am willing to invest
the necessary time and work to be able to make an informed decision. I
can understand that not every service provider has the manpower (or
willingness) to do the same, but I consider Tor's purpose to be too
important to leave decisions to a piece of software.
-Ralph
More information about the tor-relays
mailing list