Educause Security Discussion mailing list archives
Re: TOR Exit Nodes and US .Edus?
From: John K Lerchey <lerchey () ANDREW CMU EDU>
Date: Tue, 28 Apr 2015 13:28:49 +0000
Hi All, We - Carnegie Mellon - have had a Tor-exit node for a number of years. Some of the issues that we have faced are: 1) University reputation due to various attacks, scans, etc. sent through the Tor system 2) Need to modify existing security procedures to "exempt" the server from being taken off of the network for various activities. The same activities would trigger a network suspension in many cases for any other machine. 3) Having to explain to law enforcement and other groups/individuals that we really cannot determine who was responsible for <whatever is being reported> when the IP address is part of the university's IP range. 4) Interesting discussions between research faculty and our general counsel. :) What we have done (fairly recently) was to move the Tor server onto a completely different sub-net so that it does not use the same IP range as is used for ... less contentious computers on our network. We also have developed a good working relationship with the research faculty. We provide reporters of problems with instructions on how to not accept traffic from Tor nodes, but if there is push-back, the faculty block outbound traffic to the requested IP addresses or ranges. Since we moved the service into a less-obviously-us subnet, we have been receiving far fewer reports of problems. We don't have a formal policy on Tor Exit Nodes, but we only allow those that are approved for research purposes. I hope that this helps, John John K. Lerchey Incident Response Coordinator Information Security Office Carnegie Mellon University Give a man a phish, you might get his credentials. Teach a man to phish, he’ll get someone elses. Never provide your credentials in response to an email message. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shawn Merdinger Sent: Tuesday, April 28, 2015 9:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] TOR Exit Nodes and US .Edus? Hi List Folks, Looking at https://torstatus.blutmagie.de it appears a number of US universities and colleges are running TOR exit nodes. For example: sipb-tor.mit.edu tor-exit.eecs.umich.edu belegost.csail.mit.edu tor-exit.eecs.umich.edu tor00.telenet.unc.edu freeland.student.rit.edu tor-exit.csail.mit.edu tor-node.rutgers.edu cs-tor.bu.edu onions.mit.edu tor-exit-node.cs.washington.edu epitaphtwo.stanford.edu tor-node.cs.usu.edu bomboloni.mit.edu thangorodrim.stanford.edu tor-node.cs.usu.edu torrouter.ucar.edu d23-105.uoregon.edu yofgerr.ucar.edu tor-exit-node.cs.usu.edu dhcp-172-214.caltech.edu tor-relay.cs.usu.edu tor-relay.cs.usu.edu torrouter.ucar.edu yofgerr.ucar.edu tor-exit-node-2.cs.usu.edu uncle-enzo.mit.edu tor-exit-node.cs.usu.edu wangata.ml-ext.ucar.edu tor-exit-node-2.cs.usu.edu wangata.ml-ext.ucar.edu moria.csail.mit.edu towhee.csail.mit.edu ozone.uoregon.edu dhcp-v14-00117.highsouth-resnet.unc.edu xvm-five-28.mit.edu moria.csail.mit.edu intended.cs.wesleyan.edu raspberrytea.mit.edu ibben.stanford.edu li3n45-38.mtholyoke.edu dhcp135.cs.columbia.edu ibben.stanford.edu torrouter.ml-ext.ucar.edu tor-relay00.ailab.wsu.edu tanet-tor-exit.mit.edu rdserv.student.rit.edu csg-gate.eecs.wsu.edu cast-tor.cast.uark.edu dhcp-168-242.caltech.edu dhcp0052.community.resnet.group.upenn.edu a01165910-raspi.bluezone.usu.edu saylor-02.feldberg.brandeis.edu ccrps33.cs.csubak.edu torg.cns.ksu.edu caslab.eng.yale.edu planetlabone.ccs.neu.edu I am curious as to what challenges, internal and external, there are to providing TOR exit nodes. Any institution have a formal, written policy? Any push-back (or support) from legal, professors, administration, campus police? Anecdotal stories to share of issues, positive or negative? Abuse complaints? Cheers, --scm
Current thread:
- TOR Exit Nodes and US .Edus? Shawn Merdinger (Apr 28)
- Re: TOR Exit Nodes and US .Edus? John K Lerchey (Apr 28)
- Re: TOR Exit Nodes and US .Edus? Shamblin, Quinn (Apr 28)
- Re: TOR Exit Nodes and US .Edus? Harry Hoffman (Apr 28)