I made a big portscan+app fingerprinting of all Tor exit and Relay: wget -q -O /tmp/Tor_ip_list_ALL.csv \ http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv
nmap -iL /tmp/Tor_ip_list_ALL.csv -F -sS -sV -PI -T Insane \ -oM Tor-Scan-20-12-2011_00_30.out You can find the result here: http://infosecurity.ch/Tor-Scan-20-12-2011_00_30.out.gz It would be interesting to analyze it to understand "what's running" on Tor Exit and Tor Relays, eventually make up some kind of network monitoring systems like it's done for Enterprise Security Monitoring Systems. IE (automatically): - Having a periodic portscan + application fingerprinting - Passing the result to a nessus vulnerability analyzer - Sending the results to the contact info - Repeating the tests every 2 week, sending again the result to the contact info - If a "high" vulnerability it's not fixed automatically within 1 months, publish it to the internet Or a process like that to always know that the "System/Network" security of computers running Tor it's ok, and if not ok "do something". Imho it would not be complicated to setup a stuff like that -naif _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
