9

I am considering running an exit relay. Unfortunately this opens the possibility of legal issues and traffic restrictions from my Internet Service Provider. See Abuse FAQ and Legal FAQ.

There is a nice blog article recommending what to do: Tips for Running an Exit Node with Minimal Harassment.

  • I can set the exit policy to limit potentially problematic ports and IP addresses reachable from the exit relay using the ExitPolicy option in torrc.
  • I can limit the bandwidth by using the *Bandwidth* options in torrc.
  • I should not perform security inspection on the traffic leaving the Tor network because it is considered bad. See May I do security inspection on exit relays?

Are there other means which I can use to limit possible malicious traffic leaving my exit relay?

3 Answers

5

I do not believe there are any other methods you could use that wouldn't ultimately harm the Tor network in some way.

Limiting the bandwidth and setting an exit policy are the only tools that Tor provides to configure your exit. Any other policy would have to either:

  • Use some form of traffic inspection, to determine if the traffic is "malicious", for whatever definition of malicious you use. This is liable to get you marked as a bad exit, as things like dropping specific connections are detectable.

  • Apply to all traffic indiscriminately, which thus will also affect the "legitimate" traffic that you don't wish to affect.

Finally, I don't think the conception of "malicious" that most people have with reference to Tor is easy to detect anyway. As an example, one of the often cited malicious uses is people sending traffic designed to penetrate secure services or firewalls. Yet that traffic could be coming from someone inside the network, whose job is to perform "penetration testing" on the network.

Another example is people using Tor to obtain illegal material. Yet the person obtaining the material may be a police officer building a case and collecting evidence, who doesn't want an IP associated with their organisation showing up as a red flag to the person sharing the material.

Megan Walker
1

A couple of times, I've received a mail from the security staff of the VPS service where my exit relay is running, and the solution was to reduce the exit policy.

For the beginning, I'd use only 80 and 443 as exit ports, and later, if no one complains, add more ports to the exit policy.

Running a Tor exit relay is not as "dangerous" as it seems :)

(*) related to "torrents distribution"....

nergeia
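
The two controls discussed in the question and in the answers above (a reduced exit policy starting with ports 80 and 443, plus bandwidth limits) as a torrc fragment. This is an added example, not part of the original posts; the nickname, contact address, ORPort and all bandwidth and accounting figures are constructed placeholders.

```torrc
# Added example, not from the original posts.
# Nickname, ContactInfo, ORPort and all numeric limits are placeholders.

Nickname ExampleExitRelay
# A reachable contact lets a hosting provider's abuse desk reach the operator.
ContactInfo abuse AT example DOT org
ORPort 9001
ExitRelay 1

# --- Exit policy -------------------------------------------------------
# Rules are evaluated top to bottom and the first match wins.
# Start with web traffic only; widen later by adding accept lines
# above the final reject.
ExitPolicy accept *:80
ExitPolicy accept *:443
# Explicit catch-all so nothing outside the two rules above is allowed.
ExitPolicy reject *:*

# Refuse exits to private and local address ranges (this is the default;
# stated here so the intent is visible in the file).
ExitPolicyRejectPrivate 1

# --- Bandwidth ---------------------------------------------------------
# Sustained rate and short-term burst offered to relayed traffic.
RelayBandwidthRate 2 MBytes
RelayBandwidthBurst 4 MBytes

# Optional cap on total traffic per accounting period, useful when the
# provider bills or throttles by volume.
AccountingStart month 1 00:00
AccountingMax 2 TBytes
```

Running `tor --verify-config -f` with the path to this file checks the syntax before the relay is restarted.
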
0

Literally, nothing. Even one SINGLE packet pre-constructed for a vulnerable recipient is enough to make a headshot... So just adjust your bandwidth to your desired channel share and let it be so. You can also be a part of a network attack just by being infected by a virus without even knowing what Tor is, not even running a relay.

Alexey Vesnin