[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: How do we defeat exit node sniffing?
for http connections im worried about cookie sidejacking as well since some sites only authenticate via https and set a cookie, what can we do in this regard?
On Thu, Jun 5, 2008 at 7:08 PM, Xizhi Zhu <xizhi.zhu@xxxxxxxxx
you have to try to do the authentication with SSL/TLS. if not, your username and your password will be sent to the exit nodes first, and that's really terrible!
2008/6/6, defcon <defconoii@xxxxxxxxx>:
so what do you all suggest if I must authenticate to a non ssl connection? How do I do it anonymously and safely?
On Thu, Jun 5, 2008 at 5:37 PM, Christopher Davis <loafier@xxxxxxxxx
Prefer TLS-enabled services, and mind the authenticity of server certs.
On Thu, Jun 05, 2008 at 05:01:34PM -0700, defcon wrote:
> What are some good ways to defeat exit node sniffing? Is there a listing of
> good exit nodes that do not sniff?
Or use Tor hidden services.
Use Tor to secure your surfing trace:
My blog: http://xizhizhu.blogspot.com/