[tor-relays] rerouting exits

Mike Perry mikeperry at torproject.org
Sun Oct 11 20:43:16 UTC 2020



On 10/11/20 3:08 PM, nusenu wrote:
>> Are your scanners available for others to run? I understand that it is a
>> risk that making them public may allow bad exits to avoid them, but is
>> it ok if other specific people use and adapt the scanners?
> 
> You don't need to actively perform scans (in the sense of establishing circuits)
> to detect rerouting exits, onionoo provides you with the required data:
> OR IP:
> https://metrics.torproject.org/onionoo.html#details_relay_or_addresses
> Exit IPs:
> https://metrics.torproject.org/onionoo.html#details_relay_exit_addresses

I meant the code for your other scans. We have my original scanner (part
of torflow repo), and one phw wrote, and another set of onion service
attack scanners. TPI might consider also running your scanners in
addition to or instead of some of these. Plus more people running
scanners may mean faster results and easier result confirmation...
Though, this is subject to obvious issues with this being an arms race,
if scans are discovered, of course.

I also agree with your ticket about the time rotation feature. And I'm
not sure we should necessarily publish this info anymore.

I think this and similar ideas should be explored. We're trying to
figure out how to put it all together into an approach that makes sense.


-- 
Mike Perry



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20201011/4cd5ce03/attachment.sig>


More information about the tor-relays mailing list