On Tue, 29 Sep 2009, grarpamp wrote:
Finally, what generalizations can be made about the behaviors that
eventually lead to a police interaction ?
Carding, cracking, death threats, piracy, all the usual things and more.
Seems pretty obvious. Tor just makes it interesting because it's
simply a newfangled carrier that can be used for good or bad. No different
than if you were to set up asterisk with a [t/e]-1 and call yourself a
phone company. That's where the raid/arrest risk lies... not enough
No, no - I understand what the behavior in meatspace is like - I wonder
what the behavior looks like on the network.
Take carding ... presumably that all takes place on 443, as carders use
online merchants to either test or use the cards. I'm guessing
meta-carding (forums for trading, etc.) also take place on 443.
Spam is on 25. System intrusion could be anywhere, I guess.
I assume that the child pornography is either in the same places as the
piracy (bittorrent on well known ports and usenet ?) or also on 443 ...
And round it out with DoS and other foolishness on 6666/6667 (irc).
Are these fair generalizations, and thus I could start to guess about a
"safer" exit node configuration ... perhaps 22 and 80 ? I would think an
SSH based BBS for trading pirated/illegal content must be very rare, if
not non-existent, and nobody would be doing serious lawbreaking on plain
old port 80 ?
In reality, I run more open than just 22 and 80, but I'd like to know if
this line of thought is going in the right direction at all ... can we
even make generalizations about TCP traffic policy decisions that will
minimize police contact ?
***********************************************************************
To unsubscribe, send an e-mail to [email protected] with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
