IETF Logo Mail Archive

Re: ietf.org unaccessible for Tor users

Eliot Lear <lear@cisco.com> Tue, 15 March 2016 12:59 UTC

Return-Path: <lear@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E16312D9F4 for <ietf@ietfa.amsl.com>; Tue, 15 Mar 2016 05:59:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HBvQdAl1qi_s for <ietf@ietfa.amsl.com>; Tue, 15 Mar 2016 05:59:00 -0700 (PDT)
Received: from aer-iport-1.cisco.com (aer-iport-1.cisco.com [173.38.203.51]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36FBE12D9EE for <ietf@ietf.org>; Tue, 15 Mar 2016 05:58:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1967; q=dns/txt; s=iport; t=1458046733; x=1459256333; h=subject:to:references:from:message-id:date:mime-version: in-reply-to; bh=nAAZIhBXxbSLVXdqNGsbxxJXbX1LBvzxfSpCEprK26g=; b=clSS7KE3a/7mgNBJXraG57xdVizzxesjc4ZgR1iwkb/CTiTnWxrR9zTp DKNRKxUsIF8lIrcko1Dh2PvUs5LB4Xgo1faZPr06PEaxGZSnGvHhnhDkr kVa4gontazQBfTjWwRlX/DOwiLe9eSEc2qL/5UF9zUF+SRvQIHfLFr3g6 o=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0B7AgCbBuhW/xbLJq1ehBpuuk8OgW4ZhXQCgXAUAQEBAQEBAWQnhEIBAQQjVRELGAkWCwICCQMCAQIBRQYBDAgBAYgirWKPTwEBAQEBAQEDAQEBAQEBAREIilyHO4E6AQSXT4McgWZtiBKBTwFghwGFVI5/HgFDg2Y7LopjAQEB
X-IronPort-AV: E=Sophos;i="5.24,339,1454976000"; d="asc'?scan'208";a="676016452"
Received: from aer-iport-nat.cisco.com (HELO aer-core-4.cisco.com) ([173.38.203.22]) by aer-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Mar 2016 12:58:51 +0000
Received: from [10.61.234.176] ([10.61.234.176]) by aer-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id u2FCwprN032763; Tue, 15 Mar 2016 12:58:51 GMT
Subject: Re: ietf.org unaccessible for Tor users
To: Leif Johansson <leifj@mnt.se>, ietf@ietf.org
References: <20160313143521.GC26841@Hirasawa> <m2a8m0y72q.wl%randy@psg.com> <F04B3B85-6B14-43BA-9A21-FC0A31E79065@piuha.net> <56E7E09D.7040100@cisco.com> <4349AFDD-350C-4217-9BEE-3DBD2F608F95@nohats.ca> <56E7EAA0.1050907@cs.tcd.ie> <56E7EE10.9000802@cisco.com> <56E7F4C7.6080808@mnt.se>
From: Eliot Lear <lear@cisco.com>
Message-ID: <56E8070A.7070901@cisco.com>
Date: Tue, 15 Mar 2016 13:58:50 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <56E7F4C7.6080808@mnt.se>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="3RWLRDSj6NcboFTq9QT2eogO8B6OE9dJe"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/jt1OwklbA6LAA6HXz5JMcKqHwCo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2016 12:59:02 -0000


On 3/15/16 12:40 PM, Leif Johansson wrote:
>> Unless Tor itself is used for botnet C&C [1,2]?
>>
> By that you mean Tor is used to transport packets to botnet C&C - much
> like the Internet is used to transport packets to botnet C&C?
>
> 	

Yes, but we at least can spot the C&C on the Internet.  See upthread
about how hard that is with Tor.

Eliot

v2.23.0 | Report a Bug | By Email