[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The use of malicious botnets to disrupt The Onion Router

     On Sat, 2 Feb 2008 01:57:01 -0500 "Ron Wireman" <ronwireman@xxxxxxxxx>
>It seems to me that we owe a lot the roughly 1,500 people who donate their
>bandwidth to our project at any one time.  They give us a tremendous gift
>that allows us to participate in unpopular or even dangerous political
>speech and debate, to by-pass inappropriately restrictive filters, and to
>limit the amount of information about ourselves that we reveal to the
>organizations who run the Internet sites we access.  I don't wish to divulge
>some of the ways in which I've used tor to protect myself, but I'm sure all
>of you reading this list can think of many examples where it has assisted
>you in your own life and most of you use it on a frequent basis.  All of
>this comes at the cost of time and money from many volunteers who receive no
>benefit whatsoever from relaying your traffic for you.

     Actually, there are benefits, some of which are even pointed out in
various web pages and/or documents available at www.torproject.org.  One
is that running a server helps to hide your client's traffic by mixing it
in with all the traffic relayed for others.  Another is that each server's
presence increases the overall capacity for traffic going through the tor
network, thereby providing support for even bigger crowds of packets and
circuits for your own to be concealed among.
>It seems to me, however, that even this gracious act of charity may be no
>match for the types of attacks we may be faced with as we become more
>popular and, as a result, more of a target. The number of users running tor
>nodes pales in comparison to the number of computers that may be in any one
>of the many individual botnets, which are groups of hijacked computers
>controlled in unison by a single entity.  The largest of these botnets ever
>discovered had over 1,000 times the number of nodes that tor does.  What
>happens when one of these botnets are commanded to join tor all at once and
>begin harvesting private data that people naively did not encrypt or, worse,
>replacing all pictures requested with goatse.jpg?  These and other malicious

     The problem of corrupted exit servers is indeed one that we should all
ponder until a solution may be found.  However, setting up, say, 1,000 hidden,
slaved, correctly configured tor servers via a bot net may be rather more
difficult to accomplish than you have fully considered.  Entry guards and
middlemen probably wouldn't be useful to an attack coordinator.

>acts could easily take place, perhaps even perpetrated by a malevolent
>government entity, and would cause significant disruption to our router.
>We must take expedient measures to prevent this type of attack, because as
>of now, tor is quite vulnerable, perhaps even critically so.  The group of
>computers that make up the official Network Time Protocol pool, a network
>that is used to provide extremely accurate time synchronization for millions
>of computers around the world, has a manually administrated list.  Since it
>has about as many nodes on it as tor has, it suggests that maintaining such
>a list would not be difficult.  It seems to me that this would be an
>excellent way to prevent a node flood attack.  Without it, tor will be rot.
     Again, I think you may well be underestimating the manpower required to
install and configure lare numbers of tor servers.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *