[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is this a practical vulnerability?

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Is this a practical vulnerability?
From: Lee Whitney <lee@xxxxxxxxxxxxxxx>
Date: Fri, 19 Oct 2012 14:40:22 +0000
Accept-language: en-US
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 19 Oct 2012 10:55:14 -0400
In-reply-to: <50812A9E.4040606@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
Thread-index: AQHNraedoA3IS4E9YEiEXw9EJL9gOJfAbNUA///zXQA=
Thread-topic: [tor-talk] Is this a practical vulnerability?

There are actually two possible explanations for what you saw:
	1)  Tor was compromised
	2)  Your IP was discovered

Maybe the test request you made logged your IP and then it could be
anywhere.  Also as you know people are constantly scanning subnets for
servers.

I don't discount government snooping, it just seems a little crude for
them to be tripping alarm bells on a small unknown target.


On 10/19/12 5:25 AM, "Anon Mus" <my.green.lantern@xxxxxxxxxxxxxx> wrote:
>Having  a static IP net connection, I set up a test web site as a Tor
>service on a Tor middleman server. That server had been a middleman
>server for about a year, no problems, no attempts to hack it in all that
>time.
>
>Within 24hrs of making that Tor hidden service live I could see, in my
>firewall logs, hundreds of repeated attempts trying to hack my server,
>directly from the internet, not via my hidden Tot service. 


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Is this a practical vulnerability?
  - From: Anon Mus

References:
- Re: [tor-talk] Is this a practical vulnerability?
  - From: Anon Mus

Prev by Author: [tor-talk] Is this a practical vulnerability?
Next by Author: Re: [tor-talk] Is this a practical vulnerability?
Previous by thread: Re: [tor-talk] Is this a practical vulnerability?
Next by thread: Re: [tor-talk] Is this a practical vulnerability?
Index(es):
- Author
- Thread