TOR Network – SysAdmin’s Nightmare

Have you heard of the TOR Project? Probably not, unless you are a paranoid conspiracy theorist with something to hide.  The TOR Project utilizes an “Onion Router” scheme to provide users anonymous web surfing.  TOR originally stood for “The Onion Router”; in my opinion TOR is short for torment or torture for System Administrators.

We will NOT waste our time here outlining any of the so-called “good things” about TOR or the “legitimate” uses of TOR; what we will address is what TOR means to you as a System Administrator.  TOR dedicates 90% of their web site to crafty propaganda as to why TOR is a legitimate project, but from our viewpoint we cannot find the upside to anything as it relates to TOR.

TOR is a system administrator’s nightmare and should be viewed as a bona fide THREAT to any legitimate system administrator.  Because TOR obfuscates the IP Address of the web surfer, it is nearly impossible to use an IP Address to differentiate between a legitimate web surfer and a hacker trying to crack your box.  TOR effectively blocks any traceability or accountability when it comes to people using the TOR network of exit nodes.

Like any other onion, TOR will bring tears to your eyes if you are a system administrator.
Tor is nothing but a conduit for criminals – delivering hackers to your front door with no warning.

The CodingCREW found out the hard way, and the best advice we can give is to block all TOR nodes from your networks to be safe.  Boston University operates a TOR exit node, and one of our customers recently was attacked and subsequently compromised by a hacker utilizing the Boston University TOR Node.  As system administrators we count on the help and professionalism of other system administrators to work in concert with us to ensure network safety for our networks and the public as a whole.  We never imagined that Boston University would openly support the criminal hacking of our networks, but that is exactly what happened.  When we contacted the Boston University abuse and Incident Response Team, we were informed it was not their problem; they were a TOR exit node.  All we have to say about Boston University is that we never imagined that an institution of higher education would foster and enable criminals to prey on society through the Internet.

After suffering from a calculated and coordinated attack originating from multiple TOR nodes, and after hours of SysAdmin time, we became educated as to what exactly the TOR Project is and how it works.  In a nutshell – the TOR Project allows criminals and hackers an avenue to surf the web that makes it almost impossible for anyone to know who they are or where they originate from.  The perspective of the CodingCREW and all of our customers is that we cannot think of one legitimate reason why an individual would need to block their identity for legitimate and legal business on the Internet as it relates to our networks.  As such, we found on the TOR Project website the only thing we think is worthwhile to publish: how to block all TOR Nodes from accessing our networks.

Buried way down deep in the TOR Project website are instructions for system administrators on how to block TOR Nodes from their networks “should they elect to do so.”  In our opinion the only thing worth reading on the TOR website is the section under “FAQ – Abuse” titled “I want to ban the Tor network from my service.”  TOR provides one sentence with two links to help you as a system administrator block TOR nodes from your network.  This information is critical to anyone serious about blocking TOR: HERE is a link to the TOR node IP Address list, and HERE is a link to information on how to block DNS-based TOR exit nodes.  The above listed links and information are the only information published by TOR that is worthy of republication on our networks.
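As an added example (not code from this post or from the TOR Project), here is one way to turn a downloaded node IP address list into a firewall block set and to build a DNS-based lookup name. It assumes the list is plain text with one address per line and that the DNS list follows the usual DNSBL reversed-octet convention; the set names, the sample addresses and the `dnsel.example` zone are placeholders.

```python
import ipaddress

SAMPLE_EXIT_LIST = """\
# constructed sample, documentation address ranges only
192.0.2.10
198.51.100.7
192.0.2.10
203.0.113.300
2001:db8::1

not-an-ip
"""

def parse_exit_list(text):
    """Return (sorted unique IPv4, sorted unique IPv6, rejected lines)."""
    v4, v6, rejected = set(), set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            addr = ipaddress.ip_address(line)
        except ValueError:
            rejected.append(line)  # never pass unvalidated text to the firewall
            continue
        (v4 if addr.version == 4 else v6).add(addr)
    return sorted(v4), sorted(v6), rejected

def ipset_restore_script(addrs, name, family):
    """Build input for `ipset -exist restore` that swaps the new set in atomically."""
    tmp = name + "_new"
    lines = [f"create {name} hash:ip family {family}",
             f"create {tmp} hash:ip family {family}",
             f"flush {tmp}"]
    lines += [f"add {tmp} {a}" for a in addrs]
    lines += [f"swap {tmp} {name}", f"destroy {tmp}"]
    return "\n".join(lines) + "\n"

def dnsel_query_name(ipv4, zone):
    """DNSBL-style lookup name (assumed): reversed octets of the IP under `zone`."""
    octets = str(ipaddress.IPv4Address(ipv4)).split(".")
    return ".".join(reversed(octets)) + "." + zone

if __name__ == "__main__":
    v4, v6, bad = parse_exit_list(SAMPLE_EXIT_LIST)
    print(ipset_restore_script(v4, "tor_exit4", "inet"), end="")
    print(ipset_restore_script(v6, "tor_exit6", "inet6"), end="")
    print("rejected:", bad)
    print(dnsel_query_name("192.0.2.10", "dnsel.example"))  # placeholder zone
```

A rule such as `iptables -I INPUT -m set --match-set tor_exit4 src -j DROP` then drops traffic from the set, and because the script swaps sets rather than flushing the live one, a scheduled refresh never leaves a window with an empty block list. The node list changes constantly, so rerun the refresh on a timer and alert on any rejected lines.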

A TOR user can enter into the TOR network from Russia, Turkey or China and traverse the world only to pop out from a TOR exit node that one would not normally suspect as a risk or source of hacking, and the TOR exit nodes allow this with no regard for responsibility and no accountability.  We feel that it is in our best interest to protect our networks from access by any and all TOR nodes.  TOR is nothing more than a conduit through which criminals can hide their identity to conduct their criminal activities.  There is much talk on the net about how TOR is a favorite of child pornographers; I wonder why?  I guess because TOR is a strictly voluntary program in which users have to make a conscious, knowing and educated decision to participate in the TOR Project, this means that Boston University supports the proliferation of child pornography, because it is a known fact that TOR is widely used for such internet traffic.  Honestly, one needs to ask the question of whether Boston University is criminally liable for openly aiding and abetting criminals by allowing them to utilize university resources with no regard to the safety of the public at large.

Mark our words – if you don’t know about TOR and you don’t educate yourself to take the appropriate actions, you will find out about TOR the hard way as we did through a criminal attack.
