This sounds like an interesting project. I'd lend a helping code writing hand if needed. Yeah in general any sort of network tooling/forensics projects, stats gathering and hidden service related projects I'd be interested in helping out. cheers! David On Thu, Mar 03, 2016 at 01:47:28PM +0000, Aaron Gibson wrote: > On 2016-02-29 21:18, Donncha O'Cearbhaill wrote: > >Damian Johnson: > >> > >>Hi all, pulled the trigger on this... > >> > >>https://gitweb.torproject.org/project/web/webwml.git/commit/?id=3ddd63efa5296a221daa8a295280b37b2546e2bf > >> > >>Folks are coming out of the woodwork to mentor so we still have ten > >>projects (yay!), but not much concerning core tor. if you'd care to > >>mentor one of these then more than happy to add it back to our page. > > > >Great work on getting the GSoC program together, and getting selected! > > > >I'd be happy to be the second mentor for any Python-based project, > >particular if it's related to hidden services or network monitoring. > > > >Regards, > >Donncha > > A project I discussed last night with Donncha and Yawnbox is > > Title: > > IP hijacking detection for the Tor Network. > > Description: > > IP hijacking (https://en.wikipedia.org/wiki/IP_hijacking) occurs when a bad > actor creates false routing information to redirect Internet traffic to or > through themselves. This activity is straightforward to detect, because the > Internet routing tables are public information, but currently there are no > public services that monitor the Tor network. The Tor Network is a dynamic > set of relays, so monitoring must be Tor-aware in order to keep the set of > monitored relays accurate. Additionally, consensus archives and historical > Internet routing table snapshots are publicly available, and this analysis > can be performed retroactively. > > The implications of IP hijacking are that Tor traffic can be redirected > through a network that an attacker controls, even if the attacker does not > normally have this capability - i.e. they are not in the network path. For > example, an adversary could hijack the prefix of a Tor Guard relay, in order > to learn who its clients are, or hijack a Tor Exit relay to tamper with > requests or name resolution. > > This project comprises building a service that compares network prefixes of > relays in the consensus with present and historic routing table snapshots > from looking glass services such as Routeviews (http://routeviews.org), or > aggregators such as Caida BGPStream (https://bgpstream.caida.org) and then > issues email alerts to the contact-info in the relay descriptor and a > mailing list. Network operators are responsive to route injections, and > these alerts can be used to notify network operators to take immediate > action, as well as collect information about the occurrence of these type of > attacks. > > Estimated time to build this service: 3 months > > --Aaron > _______________________________________________ > tor-project mailing list > tor-project@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-project mailing list tor-project@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project