On Fri, Oct 25, 2013 at 06:01:51PM +1030, DeveloperChris wrote: > An acquittance of mine created a tor exit node, I know little detail > more than that other than he was banned by services such as skype > and ebay. and apparently the machine he used was hacked. Now I know > he is very security conscious and not a newb. If he was hacked it > was by professionals. He is a network engineer. > > Apparently he pulled the exit node and wiped the machine.
Just so somebody's said it: there's a good chance that the machine wasn't compromised. There are some jerks out there who use Tor to send application-level traffic to webservers that tries to break into the webserver. Somebody watching the webserver (or watching its network) will notice the attack -- but since most attacks these days come through compromised computers that are used as 'stepping stones', the mail that the website operator sends won't say "stop attacking me!", but rather it will say "your computer appears to be compromised." They don't have any idea that it's running a Tor exit relay (and in many cases they have no idea that something like Tor exists). Then it's easy for the Tor relay operator to say "oh crap somebody on the Internet told me my computer is compromised." (And to be fair, it's hard for them to convince themselves that it's not true, so his response in this case of "let's wipe it to be sure" was not unreasonable.) See also https://www.torproject.org/docs/faq-abuse#TypicalAbuses and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines Thanks! --Roger -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
