Educause Security Discussion mailing list archives

Re: TOR Exit Nodes and US .Edus?


From: Harry Hoffman <hhoffman () IP-SOLUTIONS NET>
Date: Tue, 28 Apr 2015 10:09:15 -0400

Hi Shawn,

So, this is a question that comes up fairly frequently.

In my opinion TOR software ultimately serves a lofty purpose that tends
to align itself well with academic institutions, namely the ability to
explore new ideas without the fear of censorship or repercussions.

With these features comes a fine line in its usage for exploration vs
exploitation. And to further confound that, the line is quite fuzzy
between the two depending on local laws.

Most of the challenges fall around ensuring that there's some
responsibility in running this service. The de facto answer that I hear
so often is the one that the TOR group provides as a script to the
operator running the system, which ultimately says "Sorry, there's
nothing we can do...".

For any other system on a network this answer wouldn't fly. If a machine
is attacking another machine via the network I believe some mitigating
action should take place.

As a network operator there are many opportunities to ensure you aren't
just passing attack traffic out to the internet. Flow analysis can often
tip a hat to patterns of traffic that are indicative of attacks in the
form of DoS and DDoS. IDS/IPS systems can block traffic that they can
examine, and know to be malicious, before it leaves the network border.

As a person who has run exit nodes in the past and whose responsibility
is the security of the community, network, systems, and information of
the organization, I don't believe that the level of attacks warrants an
outright ban on TOR exit nodes.

I would, however, love to see better controls integrated with TOR itself.

Most of what you'll find policy-wise will be in the form of an AUP and
not specific to TOR, as TOR is one version of a proxy.

Hope this helps.

Cheers,
Harry



On 04/28/2015 09:08 AM, Shawn Merdinger wrote:
Hi List Folks,

Looking at https://torstatus.blutmagie.de it appears a number of US
universities and colleges are running TOR exit nodes.

For example:


I am curious as to what challenges, internal and external, there are
to providing TOR exit nodes.  Any institution have a formal, written
policy?  Any push-back (or support) from legal, professors,
administration, campus police?  Anecdotal stories to share of issues,
positive or negative?  Abuse complaints?

Cheers,
--scm


