Educause Security Discussion mailing list archives
Re: TOR Exit Nodes and US .Edus?
From: Harry Hoffman <hhoffman () IP-SOLUTIONS NET>
Date: Tue, 28 Apr 2015 10:09:15 -0400
Hi Shawn, So, this is a question that comes up fairly frequently. In my opinion TOR software ultimately serves a lofty purpose that tends to align itself well with academic institutions, namely the ability to explore new ideas without the fear of censorship or repercussions. With these features come a fine line in its usage for exploration vs exploitation. And to further confound that, the line is quite fuzzy between the two depending on local laws. Most of the challenges fall around ensuring that there's some responsibility in running this service. The de facto answer that I hear so often is the one that the TOR group provides as a script to the operator running the system, which ultimately says "Sorry, there's nothing we can do...". For any other system on a network this answer wouldn't fly. If a machine is attacking another machine via the network I believe some mitigating action should take place. As a network operator there are many opportunities to ensure you aren't just passing attack traffic out to the internet. Flow analysis can often tip a hat to patterns of traffic that are indicative of attacks in the form of DoS and DDoS. IDS/IPS systems can block traffic that it can examine, and knows to be malicious, before it leaves the network border. As a person who has run exit nodes in the past and who's responsibility is the security of the community, network, systems, and information of the organization I don't believe that the level of attacks warrant a outright ban on TOR exit nodes. I would, however, love to see better controls integrated with TOR itself. Most of what you'll find policy-wise will be in the form of an AUP and not specific to TOR, as TOR is one version of a proxy. Hope this helps. Cheers, Harry On 04/28/2015 09:08 AM, Shawn Merdinger wrote:
Hi List Folks, Looking at https://torstatus.blutmagie.de it appears a number of US universities and colleges are running TOR exit nodes. For example: sipb-tor.mit.edu tor-exit.eecs.umich.edu belegost.csail.mit.edu tor-exit.eecs.umich.edu tor00.telenet.unc.edu freeland.student.rit.edu tor-exit.csail.mit.edu tor-node.rutgers.edu cs-tor.bu.edu onions.mit.edu tor-exit-node.cs.washington.edu epitaphtwo.stanford.edu tor-node.cs.usu.edu bomboloni.mit.edu thangorodrim.stanford.edu tor-node.cs.usu.edu torrouter.ucar.edu d23-105.uoregon.edu yofgerr.ucar.edu tor-exit-node.cs.usu.edu dhcp-172-214.caltech.edu tor-relay.cs.usu.edu tor-relay.cs.usu.edu torrouter.ucar.edu yofgerr.ucar.edu tor-exit-node-2.cs.usu.edu uncle-enzo.mit.edu tor-exit-node.cs.usu.edu wangata.ml-ext.ucar.edu tor-exit-node-2.cs.usu.edu wangata.ml-ext.ucar.edu moria.csail.mit.edu towhee.csail.mit.edu ozone.uoregon.edu dhcp-v14-00117.highsouth-resnet.unc.edu xvm-five-28.mit.edu moria.csail.mit.edu intended.cs.wesleyan.edu raspberrytea.mit.edu ibben.stanford.edu li3n45-38.mtholyoke.edu dhcp135.cs.columbia.edu ibben.stanford.edu torrouter.ml-ext.ucar.edu tor-relay00.ailab.wsu.edu tanet-tor-exit.mit.edu rdserv.student.rit.edu csg-gate.eecs.wsu.edu cast-tor.cast.uark.edu dhcp-168-242.caltech.edu dhcp0052.community.resnet.group.upenn.edu a01165910-raspi.bluezone.usu.edu saylor-02.feldberg.brandeis.edu ccrps33.cs.csubak.edu torg.cns.ksu.edu caslab.eng.yale.edu planetlabone.ccs.neu.edu I am curious as to what challenges, internal and external, there are to providing TOR exit nodes. Any institution have a formal, written policy? Any push-back (or support) from legal, professors, administration, campus police? Anecdotal stories to share of issues, positive or negative? Abuse complaints? Cheers, --scm
Current thread:
- TOR Exit Nodes and US .Edus? Shawn Merdinger (Apr 28)
- Re: TOR Exit Nodes and US .Edus? John K Lerchey (Apr 28)
- Re: TOR Exit Nodes and US .Edus? Shamblin, Quinn (Apr 28)
- Re: TOR Exit Nodes and US .Edus? Harry Hoffman (Apr 28)