[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Large spike in .onion addresses - port scan?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Large spike in .onion addresses - port scan?
From: nusenu <nusenu@xxxxxxxxxxxxxxx>
Date: Sun, 21 Feb 2016 09:48:20 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 21 Feb 2016 04:48:57 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1456048122; bh=tOXcWUTSFkq0A4MdGmpJbTBavUI+Vdbd88fU+EPDn/g=; h=Subject:To:References:From:Date:In-Reply-To:From; b=vFt4v1MC45DgbRlqsLZXv+zUwVrnbozU6YAt/Hj5dCZpFsmp6t5H79hu73jK3v1U8 LLoVLXYZoqWfWvI+MyUkuXc8zvbEM5Xt0lNBmJ+9sl6A45QtlQYe67P1L8Yo1Yj2xe Py5FzMk/K+lJkF5FAhM7NcXKUbqE86BAOjQHMZxI=
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1456048112; bh=tOXcWUTSFkq0A4MdGmpJbTBavUI+Vdbd88fU+EPDn/g=; h=Subject:To:References:From:Date:In-Reply-To:From; b=Vs0df1jIWG+kHF5UnTRNWi6tPZgWFnPNBEnRbSvXh4MeYjCHZjhnuTo+kxAPvs6MK OhzhjzboRhlq+C/JU7b8Fk2ZFi0gMrpJPE8Dpg31aKE8aeLBtxd7kJdDFZoqe5eBwX I+zHnv/KfjH6V0b4whHOqa06cKyRTNC2fxZYVCKs=
In-reply-to: <CADL2u4joDoQebmy5hZVt2b7N=3YT8Jpv8cJ8pcRM6sKWqopzEQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <mailman.239.1455936375.3047.tor-talk@xxxxxxxxxxxxxxxxxxxx> <20160219214406.0000130f@xxxxxxxxxxx> <56C800F2.9020108@xxxxxxxxx> <0968d98d629bf8ad78497f5719e51c3b@xxxxxxxxxxxxxxxxx> <20160221003840.GC10235@xxxxxxxxxxxxxx> <CADL2u4joDoQebmy5hZVt2b7N=3YT8Jpv8cJ8pcRM6sKWqopzEQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>


RenÃ Ladan:
> Op 21 feb. 2016 1:39 a.m. schreef "Roger Dingledine" <arma@xxxxxxx>:
>>
>> On Sat, Feb 20, 2016 at 02:28:37AM -0600, CANNON NATHANIEL CIOTA wrote:
>>> With the large sudden spike in hidden services addresses, any way to
>>> view what the newly registered .onion addresses are or at least a
>>> list of hidden services during the suspected time frame?
>>
>> No, there is no easy way to do this. That's because there is no central
>> repository of onion addresses. There are services like Ahmia that try to
>> enumerate what they can, by looking at various sources like the content
>> on a set of known onion sites. But that only lets you learn about sites
>> that wanted to let you find out about them.
>>
>> This is actually a really complicated topic, because there are a wide
>> variety of ways of learning about onion addresses, each of which has
>> its own ethical questions around how invasive you have to be. For
>> example, you can get them by Googling for .onion addresses (probably
>> fine), or by being Verizon or Comcast and spying on the people who
>> use your DNS servers (not so fine), or by running Tor relays and spying
>> on the hidden service descriptors that people upload (not fine).
>>
> Another service is http://tor.luakt.net , which managed to find my
> otherwise unpublished (dummy) onion site after 1 to 2 weeks. It does listen
> on port 80 though.

LuaKT very likely runs a modified version of tor with additional logging
[1]. Until recently, the code was hosted on github.

Since I expected that this modified tor version will disappear from
github I made a copy of it while it was still there.


http://article.gmane.org/gmane.network.onion-routing.ornetradar/937
http://article.gmane.org/gmane.network.onion-routing.ornetradar/945




[1]
https://lists.torproject.org/pipermail/tor-relays/2016-January/008647.html

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Large spike in .onion addresses - port scan?
  - From: Green Dream
- Re: [tor-talk] luakt
  - From: nusenu

References:
- [tor-talk] Tracking blocker
  - From: Paul A. Crable
- Re: [tor-talk] Tracking blocker
  - From: Jeremy Rand
- [tor-talk] Large spike in .onion addresses - port scan?
  - From: CANNON NATHANIEL CIOTA
- Re: [tor-talk] Large spike in .onion addresses - port scan?
  - From: Roger Dingledine
- Re: [tor-talk] Large spike in .onion addresses - port scan?
  - From: RenÃ Ladan

Prev by Author: Re: [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.
Next by Author: Re: [tor-talk] luakt
Previous by thread: Re: [tor-talk] Large spike in .onion addresses - port scan?
Next by thread: Re: [tor-talk] Large spike in .onion addresses - port scan?
Index(es):
- Author
- Thread