> I ran a tor exit node at that time, and I am confident somebody > mis-used our tor exit node, as our WLAN is WPA2 encrypted.
This is one reason that if you are in any way [1] mixing: a) your own use of the internet/Tor and b) running an exit relay you should seriously consider logging either: a) your own traffic (whether via internet or Tor) b) exit traffic c) both To cover your ass. At least this way you'll have some form of log you can present if needed to give more weight to an explanation. This is easily accomplished by segmenting your network into separate VLAN's or interfaces and using passive monitoring such as netflow or tcpdump to capture IP traffic headers. It's also easy to encrypt the logs of at least your own traffic to prevent needless profiling from that data source should your systems be borrowed against your will. I'm sure others will argue 'logging bad' and 'legal footing', so I won't cover those aspects here. To each their own. [1] Shared computers, IP addresses, physical location, cohabitation, owners, etc. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
