[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Bootstraping Tor manually to get past the Great Firewall

On Mon, Dec 04, 2006 at 11:34:56AM +0800, John Kimble wrote:
> So, is there a way to bootstrap Tor by hand, i.e. feed it with a
> minimal set of network-status documents and/or server descriptors so
> that the first circuit can be built? As soon as this is done, and
> assuming "__allDirActionsPrivate=1" is set, Tor can then start pulling
> network-status from the authoritative directory servers and then
> proceed to resume full access to the entire Tor network as usual.

There's a controller feature that lets you feed Tor descriptors.
Check out the section on the POSTDESCRIPTOR command in
control-spec.txt.  Also, as a stopgap, if you dump a big pile of
descriptors in the cached-routers file and the correct statuses in the
cached-statuses directory before you start Tor, it should deal
correctly.  There isn't a controller command to post a new network
status, but adding one would be an easy project for somebody to try.

We'll probably need to do a bit more hacking before it works as a
complete solution for the censorship problem, though.  For one,
descriptors expire regularly, whereas the information you need to
communicate with a particular server could be made as small as its IP
and ORPort values.  (Clients would need to know not to trust the
connection they opened until they had used it to download signed
network-status documents.)

The long-term problem is dealing with the fact that the censors can
access the directories too, and that IP-based blocks are the bread and
butter of firewalls.

> network-status and server descriptors supplied in this manner are, of
> course, easily spoofed. But if the first thing Tor does after building
> the first circuit is to try to pull signed network-status documents
> from the built-in authoritative directory servers, then either the
> download will fail to validate (if fed a spoofed document), or Tor
> will bootstrap itself right back into the "real" Tor network.

Actually, you can't spoof a network-status document without changing
the authority key fingerprints Tor is configured with.

Nick Mathewson

Attachment: pgpybTwwyVRPB.pgp
Description: PGP signature