[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4185 [Tor Bridge]: Bridge easily detected by GFW

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4185 [Tor Bridge]: Bridge easily detected by GFW
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Thu, 29 Dec 2011 13:12:48 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 29 Dec 2011 08:13:00 -0500
In-reply-to: <048.2667c7372439c8faab65d12f06e31be4@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <048.2667c7372439c8faab65d12f06e31be4@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4185: Bridge easily detected by GFW
------------------------+---------------------------------------------------
 Reporter:  hrimfaxi    |          Owner:                    
     Type:  defect      |         Status:  new               
 Priority:  normal      |      Milestone:  Tor: unspecified  
Component:  Tor Bridge  |        Version:  Tor: 0.2.3.5-alpha
 Keywords:  blocking    |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------
Changes (by naif):

 * cc: naif (added)


Comment:

 Checked several IP of them,  it seems that most of them are dynamic IP
 addresses of DSL and PPP running variety of OS, from Windows 2003 with
 Terminal Service, Linux with Mysql, cheap home router.

 Some questions:
 a) After the SSL negotiation, does the GFW probes also send an HTTP
 request or just finish the SSL handshake and close it?

 b) Does the prober announce a specific/detectable set of SSL/TLS
 version/ciphers?

 c) Does anyone checked actively with OS fingerprinting tools if the
 "prober's OS" can be recognized?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4185#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #4799 [Company]: Mailing list for onionbox beta testers
Next by Author: [tor-bugs] #4800 [Company]: Install script to generate RT stats
Previous by thread: Re: [tor-bugs] #4185 [Tor Bridge]: Bridge easily detected by GFW
Next by thread: [tor-bugs] #4745 [Tor Relay]: Possible flaws in sockaddr validation in connection_handle_listener_read()
Index(es):
- Author
- Thread