[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TLS/SSL SMTP MitM

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] TLS/SSL SMTP MitM
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Mon, 10 Mar 2014 14:59:15 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 10 Mar 2014 16:11:28 -0400
In-reply-to: <531E07D3.8080907@xxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <531E07D3.8080907@xxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

On 3/10/2014 1:43 PM, Gordon Morehouse wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi there,

I have been doing some testing of sending email over Tor and today ran
into a definite BadExit (but not flagged, clearly) because there was a
blatant MitM attempt on three separate occasions when I initiated a
TLS/SSL SMTP connection to my mail provider.  Thunderbird popped up
the usual warnings, etc.  The trouble is, I don't know how to quickly
find out what exit was being used so I can tattle on it; in this case,
I'm using an old laptop with limited resources, so I just run tor at
boot and don't have the fancy Vidalia map thingy or any of that, and
I'm unfamiliar with the CLI invocations which could help me figure out
who's playing dirty tricks with their exit node.

I can't help much w/ determining if it was a "bad exit," but I can offerone way to see the exits in use.

That's one complaint about TBB 3.5 series - took away the ability to seea map of relays.Though I personally had what seemed like "bugginess" w/ Vidalia, you canstill get the stand alone version to use w/ TBB 3.5.Vidalia-standalone-bundles_Index of /~erinn/<https://people.torproject.org/%7Eerinn/vidalia-standalone-bundles/>

Best I can tell from sparse instructions, you just extract Vidalia filesto a separate folder - created as sub-folder of TorBrowser folder.You must Start Vidalia AFTER TBB (Tor) is already connected. I didn'tneed to modify anything, anywhere to make Vidalia detect Tor & displaythe network map.

But, it also tends to crash (mess up), after a few TBB restarts (exitingVidalia each time, before exiting TBB).

So it may not work flawlessly, long term.

Another option is copy the IPA shown on the Tor connection screen inTBB, then enter it into any IPA checking site - get the location,perhaps server name?Also check if that IPA is on blacklists What Is My IP Address BlacklistCheck <http://whatismyipaddress.com/blacklist-check>

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] TLS/SSL SMTP MitM
  - From: Gordon Morehouse

References:
- [tor-talk] TLS/SSL SMTP MitM
  - From: Gordon Morehouse

Prev by Author: Re: [tor-talk] configure Vidalia stand alone
Next by Author: Re: [tor-talk] Blacklists
Previous by thread: [tor-talk] TLS/SSL SMTP MitM
Next by thread: Re: [tor-talk] TLS/SSL SMTP MitM
Index(es):
- Author
- Thread