[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services



#13667: Prevent port scanning of hidden services
------------------------+------------------------------------------
     Reporter:  arma    |      Owner:
         Type:  defect  |     Status:  new
     Priority:  major   |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  SponsorR tor-hs 025-backport
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------------------

Comment (by dgoulet):

 After a discussion on IRC at the little-t tor meeting, here is the
 consensus. In a nutshell, reason done and kill the circuit.

 {{{
 < nickm> Ultimately, there is no solution to #13667.  If a client can try
 to connect
          to a port, and if that client can differentiate success from
 failure, and
          the scanner knows everything that the client does, then
 ultimately the
          scanner can scan ports.
 < dgoulet> yes exactly so our best course of action is to make it harder
 as we can I
            guess
 < nickm> so, if we do END_REASON_DONE and drop, they have to build more
 circuits and
          do more introduction handshakes.
 < dgoulet> "2)" has the possible drawback of the HS having a lot of opened
 circ.
 < nickm> If we  do "insert random delays and finally drop at some point",
 they have
          to open just as many circuits, maybe, and their programming job
 gets a
          little harder, but they can do multiple queries in parallel, so
 ultimately
          we're not slowing them down much
 < dgoulet> nickm: yeah the parallel scanning makes that solution a bit
 useless
 < nickm> I think that "drop and kill the circuit" is probably a reasonable
 thing to
          do, in terms of trade-off between how much it helps and how hard
 it is.
 < Yawning> ;_;
 < Yawning> yeah
 < dgoulet> yeah
 < Yawning> if people are more paranoid, they could use authenticated HSes
 or
            something
 < nickm> Yeah. For a real answer, I'd think that better access control is
 the answer.
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13667#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs