[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: critical security vulnaribility fixed in Tor 0.1.2.16

To: or-talk@xxxxxxxxxxxxx
Subject: Re: critical security vulnaribility fixed in Tor 0.1.2.16
From: coderman <coderman@xxxxxxxxx>
Date: Sat, 4 Aug 2007 05:48:32 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 04 Aug 2007 08:48:41 -0400
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=KVNHFOv6MrUzn8TUr+CKjzuIutv6J29sEkfP+wJMn0FELP9cH0AZ/CM/fUCo1AFjZbijZx8FneU4g/kkmBom497WooIIn3D2Aez9ZA+pcDk212rVC/kq4OLd4e4ts6QAzOhsPPp3K9IqPr5j38EPNo87Tn6HE9C36gWXUzt7YPA=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Da8J9hB973bKQYMmJovKTrlm/s8kU8zf/vuyxd25eTdWklnzoRwj0RgxGxYmYIxBz4tDA89+1JcboAtpE7xX/+NtjxNavojWXnr+r9KcKAHJ7wXedEhqnRnnyBwsBpsAQ3+mxj5Itz+K47TqZIEY/Iu1675qyqChOIn6fIuKIFE=
In-reply-to: <46B473F6.4010604@xxxxxxxxx>
References: <20070802221918.GF20786@xxxxxxxxxxxxxx> <46B44F87.7000902@xxxxxxxxx> <4ef5fec60708040425q51472a84m9e7be3255df9d99d@xxxxxxxxxxxxxx> <46B468DF.9030100@xxxxxxxxx> <4ef5fec60708040504x40df49deh418fa5a103261da1@xxxxxxxxxxxxxx> <46B473F6.4010604@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 8/4/07, vikingserver@xxxxxxxxx <vikingserver@xxxxxxxxx> wrote:
>  So in order to get attacked and get the torrc file modified, you first have
> to get infected by a worm, virus, malware or trojan horse that communicates
> with localhost:9051?

no.


>  There is no way that someone could directly attack me through port 9051
> behind a physical firewall? Is this correct?

what do you mean directly?  your firewall protects against remote
connections, but direct connections can be made from localhost.


>  If this is correct, then the chance of getting attacked behind a physical
> firewall is very low, right?

no.

best regards,

Follow-Ups:
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx

References:
- critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: coderman
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: coderman
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx

Prev by Author: Re: tor servers communicating to wrong ports
Next by Author: Re: Warning to NoReply.org DEB Package Users
Previous by thread: Re: critical security vulnaribility fixed in Tor 0.1.2.16
Next by thread: Re: critical security vulnaribility fixed in Tor 0.1.2.16
Index(es):
- Author
- Thread