[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] Automatic vulnerability scanning of Tor Network?
I made a big portscan+app fingerprinting of all Tor exit and Relay:
wget -q -O /tmp/Tor_ip_list_ALL.csv \
http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv
nmap -iL /tmp/Tor_ip_list_ALL.csv -F -sS -sV -PI -T Insane \
-oM Tor-Scan-20-12-2011_00_30.out
You can find the result here:
http://infosecurity.ch/Tor-Scan-20-12-2011_00_30.out.gz
It would be interesting to analyze it to understand "what's running" on
Tor Exit and Tor Relays, eventually make up some kind of network
monitoring systems like it's done for Enterprise Security Monitoring
Systems.
IE (automatically):
- Having a periodic portscan + application fingerprinting
- Passing the result to a nessus vulnerability analyzer
- Sending the results to the contact info
- Repeating the tests every 2 week, sending again the result to the
contact info
- If a "high" vulnerability it's not fixed automatically within 1
months, publish it to the internet
Or a process like that to always know that the "System/Network" security
of computers running Tor it's ok, and if not ok "do something".
Imho it would not be complicated to setup a stuff like that
-naif
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk