[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Why TOR Operators SHOULD always sniff their exit traffic...



On Fri, Jun 10, 2005 at 08:59:21AM +0200, Kristian K?hntopp wrote:
> On Wednesday 08 June 2005 21:51, tor wrote:
> > Of particular interest is the increasing
> > sophistication of automated worm-based attacks. He cites the
> > developing W32.spybot.KEG
> > worm -- once inside a network it scans for several
> > vulnerabilities and reports its findings via IRC. 
> 
> And Sober variants routinely use JAP to fetch updates.

There no reason for a worm to not use a P2P onion network for control
traffic, and unblockable software updates. Sooner or later it's bound to
happen.

A Tor worm in China would actually be a good thing.

-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a>
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

Attachment: signature.asc
Description: Digital signature