[tor-talk] What is being detected to alert upon?
Philipp Winter
phw at nymity.ch
Thu Apr 30 19:13:46 UTC 2015
On Thu, Apr 30, 2015 at 02:57:01PM -0400, tor at t-3.net wrote:
> One rules file is dedicated to it (emerging-tor.rules), that file has all
> the Tor IP addresses hardcoded into it.
That's probably not very effective because the Tor network has quite a
bit of churn, which would lead to plenty of false positives and false
negatives. You would have to update this list pretty much hourly.
Cheers,
Philipp
More information about the tor-talk
mailing list