[tor-talk] Bad Exit Nodes.
Bobby Brewster
bobbybrewster203 at yahoo.com
Fri Jun 27 11:26:30 UTC 2014
I recently watched the video by Adrian Crenshaw (IronGeek) on Youtube about how to use darknets and Tor effectively.
One of his concerns was about the individuals or organisations that are running exit nodes.
What is to stop someone from setting up an exit node and a) sniffing all traffic or specifically non-SSL usernames and passwords and b) using SSLStrip to access SSL usernames and passwords?
I know this has been done in the past - I am talking about the situation today.
How could a person who is sniffing / stripping exit traffic be detected?
Also, how are bad nodes determined. For example, iiioooeee is a bad node. Why? What makes it bad? It is not an exit node.
However, HKT01 is an exit node that is marked bad. Why? Interestingly, HKT02 which is also an exit node is not marked bad even though they are on the same subnet as HKT01.
Thanks!
More information about the tor-talk
mailing list