[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TLS/SSL SMTP MitM



On 3/10/2014 1:43 PM, Gordon Morehouse wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi there,

I have been doing some testing of sending email over Tor and today ran
into a definite BadExit (but not flagged, clearly) because there was a
blatant MitM attempt on three separate occasions when I initiated a
TLS/SSL SMTP connection to my mail provider.  Thunderbird popped up
the usual warnings, etc.  The trouble is, I don't know how to quickly
find out what exit was being used so I can tattle on it; in this case,
I'm using an old laptop with limited resources, so I just run tor at
boot and don't have the fancy Vidalia map thingy or any of that, and
I'm unfamiliar with the CLI invocations which could help me figure out
who's playing dirty tricks with their exit node.

I can't help much w/ determining if it was a "bad exit," but I can offer one way to see the exits in use.

That's one complaint about TBB 3.5 series - took away the ability to see a map of relays. Though I personally had what seemed like "bugginess" w/ Vidalia, you can still get the stand alone version to use w/ TBB 3.5. Vidalia-standalone-bundles_Index of /~erinn/ <https://people.torproject.org/%7Eerinn/vidalia-standalone-bundles/>

Best I can tell from sparse instructions, you just extract Vidalia files to a separate folder - created as sub-folder of TorBrowser folder. You must Start Vidalia AFTER TBB (Tor) is already connected. I didn't need to modify anything, anywhere to make Vidalia detect Tor & display the network map.

But, it also tends to crash (mess up), after a few TBB restarts (exiting Vidalia each time, before exiting TBB).
So it may not work flawlessly, long term.

Another option is copy the IPA shown on the Tor connection screen in TBB, then enter it into any IPA checking site - get the location, perhaps server name? Also check if that IPA is on blacklists What Is My IP Address Blacklist Check <http://whatismyipaddress.com/blacklist-check>
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk