[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: flooding attacks to discover hidden services

To: or-talk@xxxxxxxxxxxxx
Subject: Re: flooding attacks to discover hidden services
From: Wikileaks <wikileaks@xxxxxxxxxxxxx>
Date: Tue, 2 Jan 2007 18:53:57 +1100
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 02 Jan 2007 02:55:04 -0500
In-reply-to: <20070101182252.GL8523@cl.cam.ac.uk>
References: <148d59250612292345o7c4718d2i91570371ffca0258@mail.gmail.com> <45965B9C.4080004@gmail.com> <a46699dc0612300549t44628eb2j3d9026a70b9910dc@mail.gmail.com> <20070101132729.GI8523@cl.cam.ac.uk> <6F8A932B-A167-49C0-A6AA-B0D51DCA7F60@wikileaks.org> <20070101182252.GL8523@cl.cam.ac.uk>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

If the hidden service is not on a Tor server, and there is no other
way for the attacker to build a list of candidates to ping, then the
attack becomes a lot harder.

Yes, this is what we observed too; but found nothing about this in the FAQ on hidden services and the default tor config is not set up to permit this configuration without hackery.

Likewise [not in reference to hidden servers], it is better for Tor to use a different outbound address to inbound, since the ORport addresses are published globally by Dirservers. Also not mentioned to my knowledge.

Lucky.

References:
- Re: Wired article on Tor
  - From: Steven Murdoch
- flooding attacks to discover hidden services
  - From: Wikileaks
- Re: flooding attacks to discover hidden services
  - From: Steven Murdoch

Prev by Author: flooding attacks to discover hidden services
Next by Author: Re: flooding attacks to discover hidden services
Previous by thread: Re: flooding attacks to discover hidden services
Next by thread: Tor and Thunderbird: Outgoing Email Unsafe?
Index(es):
- Author
- Thread