@oconor: > Let me ask you a short question. Have you ever worked with IPS?
Yes. Please see my later email in this thread. I have experience with Snort, Bro and proprietary IPS/IDS systems from Cisco and Palo Alto. I also worked at a university's network operations helpdesk, where we received hundreds of DCMA and abuse requests every week. I'm entirely aware of the work required. I understand fully you have a job to do, and I'm not immune to your or other provider concerns. I just don't think IPS is the right solution for Tor exits. If we're going to change anything I think it needs to happen within Tor software. Operators could leverage the existing "Exitpolicy reject" rules, or Tor could add functionality there if it's missing. Whatever we do, I think it needs to be uniform and transparent. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
