[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: multiple connections to ORPort from one IP address
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: multiple connections to ORPort from one IP address
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Mon, 02 Jun 2008 13:28:50 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Mon, 02 Jun 2008 16:29:03 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=JQ3b4dGktzeRRZbgn+Y9BMjAcPKAYLpZe8FLqMOoYE8=; b=GRc3pQMbjlWrnDvyX1qIaqZiL6rEAvXcLWYBQhHqiheNb5oaLhn+sDalzcRsfys+nbgp025Glm60djs9GYBLCUcZuph3UU4FTA9J/JdrweKeXRgWUgvJxHCXUoWpi+HutjhjBJ7bP2fHlYYqXz5kGW7SIQgRIG5kcqILTHPyjE0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=Kxdu63mS/JXoidxw9hWvoxanoGnVIsHi/kGcqSug6j+bT3mV2MnP0Z5rmHThyOPZ433INVTmFhiKpmiVP5YvSqmkI1RM3moGN/rlaZ0YyNotcjC175KZMNZhOTefz5XW9MLnOf+3VnuEscy6vk6DDkkKGz40oP+oELU3C+j3QVw=
- In-reply-to: <200806012008.m51K8XXq019657@xxxxxxxxxxxxx>
- References: <200806012008.m51K8XXq019657@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mozilla-Thunderbird 2.0.0.14 (X11/20080509)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Scott Bennett wrote:
> On Sun, 1 Jun 2008 10:51:33 -0400 Geoffrey Goodell
> <goodell@xxxxxxxxxxxxxxxx> wrote:
>> To: or-talk@xxxxxxxxxxxxx
>> Cc: or-talk@xxxxxxxx
>
> Not sure here why you posted twice, but...
>
>> On Sun, Jun 01, 2008 at 08:44:09AM -0500, Scott Bennett wrote:
>>> I just noticed a case of six connections to my server's ORPort that all
>>> came from the same IP address. I'm trying to think of some legitimate reason
>>> for more than one connection from a given IP address to a particular server's
>>> ORPort, but haven't come up with any yet. Any ideas out there?
>> NAT
>
> How so? Any tor process, whether client-only, server-only, or client-and-
> server, needs no more than one open connection to a particular tor server's
> ORPort. What would a tor process making connections from behind a NAT server
> have to do with whether there were only one connection or were multiple
> connections? One of us, I think, is missing the other's point, but I'm not
> sure which one here.
Multiple machines behind NAT - running their own Tor clients (as opposed
to using a network-level anonymizing middlebox) - would each form their
own circuits and connections. The very design of Tor is such that it
resists shenanigans at the firewall.
- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBSERYAuj8TXmm2ggwAQi9Tw/+KuzvaCWf7LrAmSBI99uZBueRF09htBJR
N8fmMyAlLmFQxmQRZCTSJ/a8gbEyKykjJLU4njqPwg2FDEtKzSG4Ar+qfKoXw6tt
sp7WUqs/Xgfzwn9Xr8l29KKtpFxhWdXDJciGbv0fBHp7XpqIksMhmxcA/F6HHxSW
a2AbCkfCRNPy+T2fl1CFgRtZxEs4WWXy5jqbM8JQFpAg+xepN05QDv5Zmp66l/Me
YIfW0sc2XAK+Rz8XlLz68q/bBTbZGIG3dtTMzD/1zUfpALWDq4YKuTS1MCqzETER
DJJ3FGJxn3nczEn5MnRD5t05Cz1RhR49I7szCsJAC25SJFY3H6mM0wB8VpfWc3VD
4JBCmllYRIIAQanQdj8Ena/YG2XLHjowR2s0nQGbLkkUt1lqlViKSCNVH82iaVdJ
q6Co5i9DnllG+Myky0HmTSZxUI0dXzMXansRLtwsJgrNrhIhVhyd2SxNxiYSOBVu
3f4Z0diJ0kQdCK0vGriUVPcEAgPdA3nmHq/as8qD3l2bNKqARpU1DWd44BVXG0sU
25q510ytGevFCqEtTTDcnDRMffXR31qP4pZEiKNQxLuRM9gXuG1eVI/UZKUrgGYr
wgHRihPSX9VaE5ixEviA8F7QrObJ/axBQcVczAnzGczOF4K5H3nGGzkip7h+V/PG
jayDeJxP/XU=
=kz/L
-----END PGP SIGNATURE-----