[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is this a practical vulnerability?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Is this a practical vulnerability?
From: Anon Mus <my.green.lantern@xxxxxxxxxxxxxx>
Date: Sat, 20 Oct 2012 11:44:09 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 20 Oct 2012 06:44:18 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=oLsr8ItnikHsDo3NHG/whIVm9+3FTDOdglnxwND4if0=; b=twfixRd8SrO5ybANUYYC5H6nUa8Q0eekcnIHSDgk6/i1mI73BE5oYXyJ9vAbJHz64z 5/tpVpJvPayF+TNY+J9GVGac1wqcGiAK/aWfCuoFWnQrQp54qu6WcIgXVc0SIU1mV2TZ 189VlkqrGxTetwNpp7NtCKqlGNCRMA7Y06WFpW6Of0vuL9yZI6kjoy7iJCxqXU4TuooT unt3HWcuWYDg3JzWTA4xYhn2HEylX3i6hknA+Qg61B/8MOezA1zJudOl5P10sekNLnzm qWVPl+uVH9C3v6tFACe00XYViAMCwY2jOSBqfN1YKL83i+6+Kg/rGtZ3jLfHuaYVLROm ptGw==
In-reply-to: <439C6BAC36D9324BB78D8A333DD5EE965E6D5110@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <439C6BAC36D9324BB78D8A333DD5EE965E6D5110@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On 19/10/2012 15:40, Lee Whitney wrote:

There are actually two possible explanations for what you saw:
	1)  Tor was compromised

If it was compromised then why would they have hacked the web server inthat manner and with such inaccuracy?

	2)  Your IP was discovered


Well, as I said, I tested the web pages for leakage. There was none.

Maybe the test request you made logged your IP and then it could be
anywhere.  Also as you know people are constantly scanning subnets for
servers.

I don't discount government snooping, it just seems a little crude for
them to be tripping alarm bells on a small unknown target.


Perhaps they though I'd have no firewall and no logs.

Yes there are scanners, these were already blocked, but the web serveronly went on-line the day the hidden service went in and it wentoff-line 48 hrs later.

I never saw another such attack, neither before or after that. Theattacks stopped just a few days after I shut the service down.

When you consider that Tor hidden services could be used for all mannerof mil/intel purposes by any country with an internet connection and apc, then it begins to make sense. Its not JUST snooping on Joe public.




_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Is this a practical vulnerability?
  - From: Lee Whitney

Prev by Author: Re: [tor-talk] Is this a practical vulnerability?
Next by Author: Re: [tor-talk] Is this a practical vulnerability?
Previous by thread: Re: [tor-talk] Is this a practical vulnerability?
Next by thread: Re: [tor-talk] Is this a practical vulnerability?
Index(es):
- Author
- Thread