On Fri, Dec 30, 2011 at 04:50:57AM +, c...@sdf.org wrote 1.4K bytes in 38
lines about:
: Either way your name is not attached to it, and your home address,
: etc., isn't either.
It's trivial for law enforcement to make the one hop from your company
to you and then to your house. Stupid
Hello Gozu,
On Wed, 28 Dec 2011, Gozu-san wrote:
On 28/12/11 03:42, John Case wrote:
Don't run Tor from an IP with your name attached to it.
Anonymous server rental is nontrivial. What degree of non-attachment is
sufficient, in your opinion?
I disagree. Once you move past the big
On Tue, 27 Dec 2011, Andrew Lewman wrote:
John Case c...@sdf.org wrote:
This is the Godwins law of tor-talk - all threads eventually lead to
some moron running a relay from their home Internet connection.
Apparently I'm a moron that runs a relay from home. If it doesn't
violate the ISP
On 28/12/11 03:42, John Case wrote:
Don't run Tor from an IP with your name attached to it.
Anonymous server rental is nontrivial. What degree of non-attachment is
sufficient, in your opinion?
___
tor-talk mailing list
tor-talk@lists.torproject.org
I agree too with Sebastian, i was running a Exit Relay at home a couple
years before i got some problems with autority but i has stoped to be
exit and only a non-exit relay and from that i never had new
problems I have 100 Mbits with no limit with the Traffic and it
will be sad to not
On Thu, 22 Dec 2011, Lee wrote:
While I totally get both sides of this argument *in theory*, all of this
sounds a lot to me like getting pissed off about someone ringing your
doorbell because they didn't mail you an opt-in form first.
Nope. The probes were annoying, but the killer was my
On Dec 27, 2011, at 7:03 AM, John Case wrote:
On Thu, 22 Dec 2011, Lee wrote:
While I totally get both sides of this argument *in theory*, all of this
sounds a lot to me like getting pissed off about someone ringing your
doorbell because they didn't mail you an opt-in form first.
WOW!
I like seeing so much discussion on such a simple thing :-)
I remind that this portscan have been done:
- in 10-15 minutes
- while drinking early espresso coffee
- with 2 command line (wget+nmap)
- on a standard debian machine
- with standard apt-get package
- running a hetzner VPS of
On 12/22/2011 12:59 AM, Fabio Pietrosanti (naif) wrote:
Let's joke, don't be too much serious :-)
Roger rabbit said something like If it's not fun, i cannot do it :P
Hi naif,
While we sometimes disagree on things, I think we're in full agreement
here. I think it's important to support your
On Thu, Dec 22, 2011 at 01:05:23AM -0500, Lee wrote:
Nope. The probes were annoying, but the killer was my all-in-one
consumer grade router/nat/dhcp server/firewall leaking packets into
what was supposed to be the secure part of my home network.
I can really recommend pfSense on ALIX 2D3 or
On Dec 20, 2011, at 2:54 PM, Chris tmail...@errtech.com wrote:
Security trough obscurity doesn't scale, so what' the problem?
The problem is that I don't know you, I don't know your intentions,
and I haven't given you permission to do a security audit, free or
otherwise, on my machine. You
On 12/21/11 1:59 PM, Steven J. Murdoch wrote:
On Tue, Dec 20, 2011 at 07:35:50PM +0100, Fabio Pietrosanti (naif) wrote:
Please, get an public IP address, don't announce it, don't do anything.
Now please have a look, without even being a Tor Server, how many mass
scan your receive.
So please,
So please, don't bother with that justification, a scan like that would
probably just be one scan of 1 you receive every week.
The scan which happened yesterday was enough to get the attention of both
the
university network security team, and the sys-admins of the department
which
On Wed, Dec 21, 2011 at 02:14:50PM +0100, Fabio Pietrosanti (naif) wrote:
If we would send 1 packet every minute, it would take about 22hours to
complete the scan, bypassing almost any portscan detection system.
That way it would still be possible to map the opened ports / service
version,
All of these ideas about removing allegedly âinsecureâ or
âvulnerableâ
relays from the network ignore the fact that someone who wants to
compromise Tor relays and use them to attack Tor users will just make
the relays appear to not be vulnerable, so that they can stay in the
On Thu, Dec 22, 2011 at 12:37:11AM +, g...@xerobank.net wrote 0.3K bytes in
6 lines about:
: I trust that all with strong opinions on this issue are at least
: somewhat familiar with recent work by Eric Filiol's group.
That's good news.
So, naif, what got you stirred up about this, if I may ask?
On 22/12/11 01:09, and...@torproject.org wrote:
On Thu, Dec 22, 2011 at 12:37:11AM +, g...@xerobank.net wrote 0.3K bytes
in 6 lines about:
: I trust that all with strong opinions on this issue are at least
:
On Dec 20, 2011, at 6:52 PM, Mike Damm wrote:
On Dec 20, 2011, at 2:54 PM, Chris tmail...@errtech.com wrote:
Security trough obscurity doesn't scale, so what' the problem?
The problem is that I don't know you, I don't know your intentions,
and I haven't given you permission to do a
On 12/21/11, Justin Aplin jap...@gmail.com wrote:
On Dec 20, 2011, at 6:52 PM, Mike Damm wrote:
On Dec 20, 2011, at 2:54 PM, Chris tmail...@errtech.com wrote:
Security trough obscurity doesn't scale, so what' the problem?
The problem is that I don't know you, I don't know your intentions,
Nope. The probes were annoying, but the killer was my all-in-one
consumer grade router/nat/dhcp server/firewall leaking packets into
what was supposed to be the secure part of my home network.
Maybe you should fix the router? This blaming other people for your own
mistakes is getting
I made a big portscan+app fingerprinting of all Tor exit and Relay:
wget -q -O /tmp/Tor_ip_list_ALL.csv \
http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv
nmap -iL /tmp/Tor_ip_list_ALL.csv -F -sS -sV -PI -T Insane \
-oM Tor-Scan-20-12-2011_00_30.out
You can find the result
On Tue, 20 Dec 2011 09:11:29 +0100
Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
Or a process like that to always know that the System/Network
security of computers running Tor it's ok, and if not ok do
something.
Perhaps you are interested in the exit authority code,
On 12/20/11, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
I made a big portscan+app fingerprinting of all Tor exit and Relay:
[.. snip ..]
Which is why I stopped running a relay - wy too many people poking
at my machine. In retrospect I was probably just incredibly naive,
but
On 12/20/11, Nick Mathewson ni...@alum.mit.edu wrote:
On Tue, Dec 20, 2011 at 1:35 PM, Fabio Pietrosanti (naif)
li...@infosecurity.ch wrote:
Absolutely brilliant. Someone donates to your cause and, if they
don't come up to your standards, you do your best to ensure they get
pwned instead of
Security trough obscurity doesn't scale, so what' the problem?
The problem is that I don't know you, I don't know your intentions,
and I haven't given you permission to do a security audit, free or
otherwise, on my machine. You need to GET PERMISSION FIRST or you're
behaving exactly like
On 12/20/11 8:06 PM, Nick Mathewson wrote:
On Tue, Dec 20, 2011 at 1:35 PM, Fabio Pietrosanti (naif)
li...@infosecurity.ch wrote:
Absolutely brilliant. Someone donates to your cause and, if they
don't come up to your standards, you do your best to ensure they get
pwned instead of just
Lee ler...@gmail.com wrote on 20.12.2011:
Which is why I stopped running a relay - wy too many people poking
at my machine. In retrospect I was probably just incredibly naive,
but when I put up a tor relay I was expecting to just relay tor
traffic. I did not sign up to be the target of
On Dec 20, 2011, at 2:54 PM, Chris tmail...@errtech.com wrote:
Security trough obscurity doesn't scale, so what' the problem?
The problem is that I don't know you, I don't know your intentions,
and I haven't given you permission to do a security audit, free or
otherwise, on my machine. You
Which is why I stopped running a relay - wy too many people poking
at my machine. In retrospect I was probably just incredibly naive,
but when I put up a tor relay I was expecting to just relay tor
traffic. I did not sign up to be the target of any wannabe pen
tester.
For me it is
29 matches
Mail list logo