Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e3ba1094a0
Branches Tags
tor
/
contrib
/
tor-exit-notice.html

tor-exit-notice.html 6.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. <?xml version="1.0"?>
    2. 

  2. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    3. 

  3.     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    4. 

  4. <html xmlns="http://www.w3.org/1999/xhtml">
    5. 

  5. <head>
    6. 

  6. <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
    7. 

  7. <title>This is a Tor Exit Router</title>
    8. 

  8. 

  9. <!--
    10. 

  10. 

  11. This notice is intended to be placed on a virtual host for a domain that
    12. 

  12. your Tor exit node IP reverse resolves to so that people who may be about
    13. 

  13. to file an abuse complaint would check it first before bothering you or
    14. 

  14. your ISP. Ex:
    15. 

  15. http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org.
    16. 

  16. 

  17. This type of setup has proven very effective at reducing abuse complaints
    18. 

  18. for exit node operators.
    19. 

  19. 

  20. There are a few places in this document that you may want to customize.
    21. 

  21. They are marked with FIXME.
    22. 

  22. 

  23. -->
    24. 

  24. 

  25. </head>
    26. 

  26. <body>
    27. 

  27. 

  28. <p style="text-align:center; font-size:xx-large; font-weight:bold">This is a Tor Exit Router</p>
    29. 

  29. 

  30. <p>
    31. 

  31. the traffic coming from this IP. This router is part of the <a
    32. 

  32. href="https://www.torproject.org/">Tor Anonymity Network</a>, which is
    33. 

  33. dedicated to <a href="https://www.torproject.org/overview.html">providing
    34. 

  34. privacy</a> to people who need it most: average computer users. This
    35. 

  35. router IP should be generating no other traffic, unless it has been
    36. 

  36. compromised.</p>
    37. 

  37. 

  38. 

  39. <!-- FIXME: you should probably grab your own copy of how_tor_works_thumb.png
    40. 

  40.      and serve it locally -->
    41. 

  41. 

  42. <p style="text-align:center">
    43. 

  43. <a href="https://www.torproject.org/overview.html">
    44. 

  44. <img src="https://www.torproject.org/images/how_tor_works_thumb.png" alt="How Tor works" style="border-style:none"/>
    45. 

  45. </a></p>
    46. 

  46. 

  47. <p>
    48. 

  48. Tor sees use by <a href="https://www.torproject.org/torusers.html">many
    49. 

  49. important segments of the population</a>, including whistle blowers,
    50. 

  50. journalists, Chinese dissidents skirting the Great Firewall and oppressive
    51. 

  51. censorship, abuse victims, stalker targets, the US military, and law
    52. 

  52. enforcement, just to name a few.  While Tor is not designed for malicious
    53. 

  53. computer users, it is true that they can use the network for malicious ends.
    54. 

  54. In reality however, the actual amount of <a
    55. 

  55. href="https://www.torproject.org/faq-abuse.html">abuse</a> is quite low. This
    56. 

  56. is largely because criminals and hackers have significantly better access to
    57. 

  57. privacy and anonymity than do the regular users whom they prey upon. Criminals
    58. 

  58. can and do <a
    59. 

  59. href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html">build,
    60. 

  60. sell, and trade</a> far larger and <a
    61. 

  61. href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributing_your.html">more
    62. 

  62. powerful networks</a> than Tor on a daily basis. Thus, in the mind of this
    63. 

  63. operator, the social need for easily accessible censorship-resistant private,
    64. 

  64. anonymous communication trumps the risk of unskilled bad actors, who are
    65. 

  65. almost always more easily uncovered by traditional police work than by
    66. 

  66. extensive monitoring and surveillance anyway.</p>
    67. 

  67. 

  68. <p>
    69. 

  69. In terms of applicable law, the best way to understand Tor is to consider it a
    70. 

  70. network of routers operating as common carriers, much like the Internet
    71. 

  71. backbone. However, unlike the Internet backbone routers, Tor routers
    72. 

  72. explicitly do not contain identifiable routing information about the source of
    73. 

  73. a packet, and no single Tor node can determine both the origin and destination
    74. 

  74. of a given transmission.</p>
    75. 

  75. 

  76. <p>
    77. 

  77. As such, there is little the operator of this router can do to help you track
    78. 

  78. the connection further. This router maintains no logs of any of the Tor
    79. 

  79. traffic, so there is little that can be done to trace either legitimate or
    80. 

  80. illegitimate traffic (or to filter one from the other).  Attempts to
    81. 

  81. seize this router will accomplish nothing.</p>
    82. 

  82. 

  83. <!-- FIXME: US-Only section. Remove if you are a non-US operator -->
    84. 

  84. 

  85. <p>
    86. 

  86. Furthermore, this machine also serves as a carrier of email, which means that
    87. 

  87. its contents are further protected under the ECPA. <a
    88. 

  88. href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-.html">18
    89. 

  89. USC 2707</a> explicitly allows for civil remedies ($1000/account
    90. 

  90. <i><b>plus</b></i>  legal fees)
    91. 

  91. in the event of a seizure executed without good faith or probable cause (it
    92. 

  92. should be clear at this point that traffic with an originating IP address of
    93. 

  93. FIXME_DNS_NAME should not constitute probable cause to seize the
    94. 

  94. machine). Similar considerations exist for 1st amendment content on this
    95. 

  95. machine.</p>
    96. 

  96. 

  97. <!-- FIXME: May or may not be US-only. Some non-US tor nodes have in
    98. 

  98.      fact reported DMCA harassment... -->
    99. 

  99. 

  100. <p>
    101. 

  101. If you are a representative of a company who feels that this router is being
    102. 

  102. used to violate the DMCA, please be aware that this machine does not host or
    103. 

  103. contain any illegal content. Also be aware that network infrastructure
    104. 

  104. maintainers are not liable for the type of content that passes over their
    105. 

  105. equipment, in accordance with <a
    106. 

  106. href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA
    107. 

  107. "safe harbor" provisions</a>. In other words, you will have just as much luck
    108. 

  108. sending a takedown notice to the Internet backbone providers. Please consult
    109. 

  109. <a href="https://www.torproject.org/eff/tor-dmca-response.html">EFF's prepared
    110. 

  110. response</a> for more information on this matter.</p>
    111. 

  111. 

  112. <p>For more information, please consult the following documentation:</p>
    113. 

  113. 

  114. <ol>
    115. 

  115. <li><a href="https://www.torproject.org/overview.html">Tor Overview</a></li>
    116. 

  116. <li><a href="https://www.torproject.org/faq-abuse.html">Tor Abuse FAQ</a></li>
    117. 

  117. <li><a href="https://www.torproject.org/eff/tor-legal-faq.html">Tor Legal FAQ</a></li>
    118. 

  118. </ol>
    119. 

  119. 

  120. <p>
    121. 

  121. That being said, if you still have a complaint about the router,  you may
    122. 

  122. email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If
    123. 

  123. complaints are related to a particular service that is being abused, I will
    124. 

  124. consider removing that service from my exit policy, which would prevent my
    125. 

  125. router from allowing that traffic to exit through it. I can only do this on an
    126. 

  126. IP+destination port basis, however. Common P2P ports are
    127. 

  127. already blocked.</p>
    128. 

  128. 

  129. <p>
    130. 

  130. You also have the option of blocking this IP address and others on
    131. 

  131. the Tor network if you so desire. The Tor project provides a <a
    132. 

  132. href="https://check.torproject.org/cgi-bin/TorBulkExitList.py">python script</a> to
    133. 

  133. extract all IP addresses of Tor exit nodes, and an official <a
    134. 

  134. href="https://www.torproject.org/tordnsel/">DNSRBL</a> is also available to
    135. 

  135. determine if a given IP address is actually a Tor exit server. Please
    136. 

  136. be considerate
    137. 

  137. when using these options. It would be unfortunate to deny all Tor users access
    138. 

  138. to your site indefinitely simply because of a few bad apples.</p>
    139. 

  139. 

  140. </body>
    141. 

  141. </html>
    142.