[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] OnionMail: Some attack attempt by unknown scanner + Tor Network scanning.

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] OnionMail: Some attack attempt by unknown scanner + Tor Network scanning.
From: Liste <listsmlm@xxxxxxxxxxxx>
Date: Fri, 01 Aug 2014 13:57:13 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 01 Aug 2014 08:01:43 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Into the OnionMail's federated network there are two exit/enter server
that forward the email messages between tor network and the internet.
These servers are:
onionmail.info and onionmail.zapto.org
The first is the mail exit server, the second is a server to do network
testing and security check.

We was recived some scanning from 198.143.173.188 and other chinese and
russian proxy form jaunary to yesterday.
The exit node of OnionMail has a correlation between hidden services and
ip address.
To prevent real correlation we are implementing a new deamon NTU:
Network Terminator Unit.
(A proxy between tor, internet and vice versa).

Back to the point:

The NTU project could be update to hide the hidden services rotating the
connections between tor relay servers.
We can create another layer to protect the hidden services real ip
address using a protol like ATM.
(Connection ID, relative to hop and *not use ip address* with Virtual
Circuit Multiplexing).

The server onionmail.zapto.org was over debugging and wireshark.
We make available the logs if you need to lend a hand to understand what
happened.










_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Prev by Author: [tor-dev] only one signature on TBB 3.6.4
Next by Author: [tor-dev] Hidden service don't work or work???
Previous by thread: [tor-dev] unsubscribe
Next by thread: Re: [tor-dev] DNS proposal for Tor hidden services
Index(es):
- Author
- Thread