Looking For Comments (Tor Nodes)

nomb · 10-12-2007, 11:49 AM

I was thinking about turning on my TOR to allow people to connect out from it. Then I found this article...

Click Here For Article

Here is an excerpt:

Code:

Earlier this week, a hacker infiltrated the website of a company in
France, defacing the site and using it to send vulgar emails. The
hacker was not a Rose-Hulman student. But through a router maintained
by a Rose-Hulman student, the hacker was able to do this anonymously.

The student, senior computer science major David Yip, was maintaining
a router on his computer called a Tor onion router. What Tor basically
does is enable anonymous communications over the internet. Yip
downloaded and installed Tor on his computer about two months ago. His
machine became a Tor exit node on September 4, 2005.

I know the purpose of TOR and I personally love it. Is there no way to offer a TOR exit node while protecting yourself? I would like to participate in the program, however I'm not going to put myself at risk to do so.

Thanks for all of your comments.

nomb

win32sux · 10-12-2007, 12:16 PM

Are you refering to system/network protection or legal protection? Many applications which are used to regulate a LAN's access to a WAN can be re-implemented to regulate outgoing Tor exit node traffic. That said, running an exit node is by definition a risky endeavour (since you don't know the intentions of people using your exit node), and no amount of precautions will change that.

unSpawn · 10-13-2007, 03:51 AM

TOR configuration allows exit nodes to control what IP ranges and ports they connect with with ExitPolicy directives. So you can for instance block some ISP range and SMTP, telnet, SSH, IRC (if they reside on these std ports). Traffic inside the "TOR cloud" is encrypted but exit nodes have to decrypt that (do not confuse with SSL) to allow it to reach its destination, so after the TOR ExitPolicy directives you're free to use routing / netfilter to block .fr, .cn, .tw or whatever else. If you don't feel comfortable running an exit node you could help TOR by running it as a middleman. (Not to chide you in any way but all of this you could have read in the TOR docs.)

nomb · 10-16-2007, 10:11 PM

Quote:

Originally Posted by unSpawn

TOR configuration allows exit nodes to control what IP ranges and ports they connect with with ExitPolicy directives. So you can for instance block some ISP range and SMTP, telnet, SSH, IRC (if they reside on these std ports). Traffic inside the "TOR cloud" is encrypted but exit nodes have to decrypt that (do not confuse with SSL) to allow it to reach its destination, so after the TOR ExitPolicy directives you're free to use routing / netfilter to block .fr, .cn, .tw or whatever else. If you don't feel comfortable running an exit node you could help TOR by running it as a middleman. (Not to chide you in any way but all of this you could have read in the TOR docs.)

Thanks guys for your responses. Oh, btw, I read the TOR docs, however I seem to have gotten the docs without your opinions/comments included in them which is why I was asking for them. If you know where the docs are that include everyone's opinions/comments by all means let me know.

Usually when I buy something I read the reviews on it first, likewise when I am thinking about implementing on my computer/network I read the 'reviews' for that as well. M$ says they are the best OS in the world but if you speak with the 'consumer' you find differently.

nomb

unSpawn · 10-17-2007, 02:25 PM

Quote:

Originally Posted by nomb

Oh, btw, I read the TOR docs, however I seem to have gotten the docs without your opinions/comments included in them which is why I was asking for them. If you know where the docs are that include everyone's opinions/comments by all means let me know.

I should have said the TOR Wiki. Those docs are pretty good. Then there's the TOR users mailing list, pretty good discussions there too.

nomb · 10-19-2007, 05:01 PM

Now that's something I could sink my teeth into.
I haven't looked at the wiki yet.

nomb