Hi all, my edge router has picked up some traffic to my IPFS node from a TOR source. This may be a non-issue but it was raised as a possible attack vector. What do people think? Should I block this IP? Is use of TOR on an IPFS node considered an ok practice?
If that “Traffic Detail” is accurate, it’s not coming from a TOR exit node (i.e., anonymized traffic). Rather, it’s coming from a machine that also happens to route traffic internal to the TOR network. So the source you see should be the actual source.
In any case, unless they are spamming your node or doing something else malicious, the fact that the IPFS node is a TOR relay (probably not even a TOR exit node) doesn’t necessarily make their IPFS peer any less ok than any other IPFS peer. (this is all my opinion, I’m not sure there are any guidelines)
Thanks @leerspace, I’m a rookie on all things TOR so I will go with your advice/opinion. I had “suspected” something like what you said but would never have been able to say it so well.
A bit old I know but :
It’s my own node lol (check
nslookup jorropo.ovh), it’s not running an exit relay (just an entry/middle one so my node can only be used to dial other tor nodes, not public IPs).
My node host tor + ipfs on the same VPS but this traffic is not comming through tor (here is an extract of my
torrc, the part concerning exit relay) :
ExitPolicy reject *:* # no exits allowed
PS: I don’t even see why tor traffic would be a concern, this doesn’t add new attack vectors just anonymize people using it, if you don’t like not knowing who you are talking with maybe block exit relays but remember that lots of people using tor just escape a situation they don’t like (surveillance (including all the adware on the web), censorship, …).