[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Proposal to mitigate insecure protocols over Tor
Hello,
> As an initial step towards mitigating the use of the above-mentioned
> insecure protocols, we propose that the default ports for each respective
> insecure service be blocked at the Tor client's socks proxy. These default
> ports include:
> 23 - Telnet
> 109 - POP2
> 110 - POP3
> 143 - IMAP
Than you should block http, too.
Nearly all blogs, webmail interfaces, bulletin boards, ebay, amazon and so on work with
unencrypted traffic (login at ebay and amazon is encrypted but session
afterwards runs via http).
When you block all these ports by default 90% of the users drop tor
because it didn't work[tm] and they don't care about the warning messages.
My guess is that even you try to do MITM attacks at https, pop3s,
imaps, smtps and ssh 90% of the users ignore the warning about wrong
fingerprints and broken certificate chains.
greetings
Carsten