Delivery-Date: Fri, 27 Jun 2014 07:27:06 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 0D4A71E0A15
	for <archiver@seul.org>; Fri, 27 Jun 2014 07:27:05 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 9E3D92ECA5;
	Fri, 27 Jun 2014 11:27:04 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A18CF2EDF1
 for <tor-talk@lists.torproject.org>; Fri, 27 Jun 2014 11:26:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id JO6CMXh3tW7K for <tor-talk@lists.torproject.org>;
 Fri, 27 Jun 2014 11:26:33 +0000 (UTC)
Received: from nm24-vm0.bullet.mail.ne1.yahoo.com
 (nm24-vm0.bullet.mail.ne1.yahoo.com [98.138.90.34])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 7F2852ECA5
 for <tor-talk@lists.torproject.org>; Fri, 27 Jun 2014 11:26:33 +0000 (UTC)
Received: from [98.138.226.178] by nm24.bullet.mail.ne1.yahoo.com with NNFMP;
 27 Jun 2014 11:26:31 -0000
Received: from [98.138.101.180] by tm13.bullet.mail.ne1.yahoo.com with NNFMP;
 27 Jun 2014 11:26:31 -0000
Received: from [127.0.0.1] by omp1091.mail.ne1.yahoo.com with NNFMP;
 27 Jun 2014 11:26:31 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 16114.289.bm@omp1091.mail.ne1.yahoo.com
Received: (qmail 10615 invoked by uid 60001); 27 Jun 2014 11:26:30 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024;
 t=1403868390; bh=C1YX8G65d0CnLX+zMURP0ew1d7tjU6rf9J4FhzN3GDI=;
 h=Message-ID:Date:From:Subject:To:MIME-Version:Content-Type;
 b=QZz56cjHh8/EbHVnv4eKONtjJgINf229V9E4y2Mk0fLgmk+Bmx51YI9dxQ7GGEYhwx59StlUzOuzMdY2yZ81mt4sHVu+vyeMIaNEi1ACNN9RCWA09q+IE7jBOIdwLpnyMgRzJI2PmCYldFkpzozOjXXUeB64VBPPN4XrGSDuuo8=
X-YMail-OSG: gSLAVn0VM1k849bPzwN2L7ztAjXIMsofSvr0vr81GUk5ua3
 hgDOuhSL6ENLv3MEk12LjA81Pa6kvU7rUpAuW_LuJmHUKaRMrBMRGVoTMqnJ
 mEt5j.OfO49_Ce5KPCnO1vXGcDSPLDfgwEhRm75bOZ43ywi8zpllTMVuBbKa
 zhbnQOXqOVr.3jhVzHyWWw7o2V6cOWK.lR.AuAPprx9X0W1CFTAWktttHMjL
 ndtU9KiDejsgWxqJBLmt2lQVlKFl7HztlPyyRo52ZsGcjNWu6050I_k7h_1q
 Ok9oWoYSJtQuWrUMyOoYtcK470DCzBUaIdBeoxeGzp.OvmmPLIYrEfbDr6sw
 85ZsEp6nURemotYhApW7ZBqT7dca6JTVV2wHIoMLT9mxfym.BgK0ue5hN_kc
 VvInyx1fqkvFWZEwC5jrKT5oF28QHTUmgihW9eRi09B9AAoVRc8STtym0uXj
 KWSq7CZYwzwNbL4LeROT0baifJR8zsb6cYcLwPB1sKDhfMsc4Zv2Fo9qiUHC P1Sl.
Received: from [46.246.54.144] by web122402.mail.ne1.yahoo.com via HTTP;
 Fri, 27 Jun 2014 04:26:30 PDT
X-Rocket-MIMEInfo: 002.001,
 SSByZWNlbnRseSB3YXRjaGVkIHRoZSB2aWRlbyBieSBBZHJpYW4gQ3JlbnNoYXcgKElyb25HZWVrKSBvbiBZb3V0dWJlIGFib3V0IGhvdyB0byB1c2UgZGFya25ldHMgYW5kIFRvciBlZmZlY3RpdmVseS4NCg0KT25lIG9mIGhpcyBjb25jZXJucyB3YXMgYWJvdXQgdGhlIGluZGl2aWR1YWxzIG9yIG9yZ2FuaXNhdGlvbnMgdGhhdCBhcmUgcnVubmluZyBleGl0IG5vZGVzLg0KDQpXaGF0IGlzIHRvIHN0b3Agc29tZW9uZSBmcm9tIHNldHRpbmcgdXAgYW4gZXhpdCBub2RlIGFuZCBhKSBzbmlmZmluZyBhbGwgdHIBMAEBAQE-
X-Mailer: YahooMailClassic/650 YahooMailWebService/0.8.191.1
Message-ID: <1403868390.19009.YahooMailBasic@web122402.mail.ne1.yahoo.com>
Date: Fri, 27 Jun 2014 04:26:30 -0700
From: Bobby Brewster <bobbybrewster203@yahoo.com>
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
Subject: [tor-talk] Bad Exit Nodes.
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I recently watched the video by Adrian Crenshaw (IronGeek) on Youtube about how to use darknets and Tor effectively.

One of his concerns was about the individuals or organisations that are running exit nodes.

What is to stop someone from setting up an exit node and a) sniffing all traffic or specifically non-SSL usernames and passwords and b) using SSLStrip to access SSL usernames and passwords?

I know this has been done in the past - I am talking about the situation today.

How could a person who is sniffing / stripping exit traffic be detected?

Also, how are bad nodes determined. For example, iiioooeee is a bad node. Why?  What makes it bad?  It is not an exit node.

However, HKT01 is an exit node that is marked bad.  Why?  Interestingly, HKT02 which is also an exit node is not marked bad even though they are on the same subnet as HKT01.

Thanks!
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

