[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Systematically finding bad relays (was: Anecdotical experience of SSH MITM)



On Wed, Jul 19, 2017 at 01:43:32PM -0500, eric gisse wrote:
> Is there any notion of doing a sort of automated testing for things
> like this that can be easily proven?

Yes, the blog post I linked to contains some more information.  We are
using tools such as exitmap [1] to systematically scan the network for
attacks such as DNS poisoning, SSL stripping, HTTPS MitM, and XMPP MitM,
just to name a few.  We are always looking for more ideas on what to
scan for, so let us know if you have any!

[1] <https://gitweb.torproject.org/user/phw/exitmap.git/>
    <https://nymity.ch/pdf/winter2014b.pdf>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk