So with my knowledge of Tor, I know that exit nodes are where packets escape the Tor network and enter the "traceable" internet; ie. you can link an attack to an exit node but not the source of the attack within the Tor network. If I notice my server is getting attacked by exit nodes, can identifying as many exit nodes and blocking their IP addresses be enough to stop exit node attacks? Is identifying as many exit nodes as I can and taking measures against them a feasible countermeasure; or do the exit nodes shuffle around/mutate/change too often that, no matter what, exit nodes will continue to attack me?
Asked
Active
Viewed 7,283 times
1 Answers
4
It sounds like what you're trying to do is block all traffic from Tor exit nodes. This is exactly opposite of what shady sites like Silk Road do, in that they allow traffic only from Tor exit nodes. Either configuration is easily done because all Tor exit nodes are published. See these two StackExchange articles about how to do this:
Quick and easy answer: https://stackoverflow.com/questions/9780038/is-it-possible-to-block-tor-users
More in-depth answer: Block all BotNets and TOR addresses from accessing our site
-
1[TOR hidden services](https://www.torproject.org/docs/hidden-services.html.en) like Silk Road are a lot more complex than just blocking traffic from non-tor sources. But the on-topic parts of your answer are correct. – Philipp Apr 22 '14 at 15:37