Nmap Development mailing list archives
Re: Scanning trough proxy, including Tor: Ethical consideration
From: Fyodor <fyodor () nmap org>
Date: Thu, 16 Jul 2015 16:07:46 -0700
On Tue, Jul 14, 2015 at 4:44 AM, Fabio Pietrosanti (naif) - lists < lists () infosecurity ch> wrote:
Regarding the high-performance scanning trough proxy, including and especially Tor, did you considered the ethical aspects of such implementation?
Hi Fabio. It's an important concern, and one I also had many years ago when we started taking the first tentative steps toward support for scanning through Tor. I wasn't sure whether Tor developers would appreciate this feature for the value it can add in using and debugging connectivity through Tor nodes, or consider it a negative for the Tor Project due to abuse potential. But I've spoken with many Tor developers and I don't think any of them have tried to dissuade us from adding this. To the contrary, they commonly asked me unprompted when we will finally add better Tor support to Nmap. And several of them have even contributed patches. For example, Tor developer Jacob Appelbaum (@ioerror) wrote one of the first proof of concept patches for scanning through Tor with Nmap back in 2009. He checked it into our svn tree here: https://svn.nmap.org/nmap-exp/ioerror/nmap-proxy/?p=25000 And ioerror isn't the only Tor developer who has contributed patches to enhance Nmap's ability to scan through Tor. So my hope, and my current understanding, is that the Tor Project folks will appreciate this new feature. Some people will probably abuse it, and that is unfortunate. But if the Tor folks wanted to hold back technology because of the potential for abuse, well, they'd have probably shut down the whole Tor network and project by now. Cheers, Fyodor
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Scanning trough proxy, including Tor: Ethical consideration Fabio Pietrosanti (naif) - lists (Jul 14)
- Re: Scanning trough proxy, including Tor: Ethical consideration Gioacchino Mazzurco (Jul 14)
- Re: Scanning trough proxy, including Tor: Ethical consideration Jacek Wielemborek (Jul 14)
- Re: Scanning trough proxy, including Tor: Ethical consideration Daniel Miller (Jul 14)
- Re: Scanning trough proxy, including Tor: Ethical consideration Fyodor (Jul 16)
- Re: Scanning trough proxy, including Tor: Ethical consideration Fabio Pietrosanti (naif) - lists (Jul 17)