[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] reverse enumeration attacks on bridges (re: 100-foot overview on Tor)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Speaking of, it's a long time I have been asking myself this, why does
a bridge with PT need a publicly open ORPort?

I understand it for a regular bridge, no PT, but when I use PTs why
should I also open the ORPort publicly? I understand the PT needs to
talk to Tor via its ORPort, but can't we make this happen on
127.0.0.1? Right now if a 'watcher' sees obfs4proxy traffic and can't
tell what it is, just does a full port scan on the destination and
sees an ORPort open.

On 5/20/2015 6:10 PM, Philipp Winter wrote:
> On Wed, May 20, 2015 at 10:42:27AM +0800, Virgil Griffith wrote:
>> Tom: If a hostile relay receives a connection from a ip-address A
>> that is not listed in the Tor consensus, as far as I understand
>> the hostile relay stills has two possibilities about ip-address
>> A:
>> 
>> (1) A is the client (2) A is a bridge
>> 
>> I do not understand how the "reverse renumeration" attack you
>> mention (p136 of your 100-ft-summary) is able to distinguish
>> between these two cases.
> 
> If the hostile relay has no Guard flag, it shouldn't receive
> direct connections from clients.  If it does have the Guard flag,
> it could port scan the previous hop to see if it has an open (OR)
> port.  (Active probing-resistant bridges would leave some
> uncertainty, though.)
> 
> Some more details about this attack are in Section III.D of: 
> <http://www.cs.uml.edu/~xinwenfu/paper/Bridge.pdf>
> 
> Cheers, Philipp
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJVXKzkAAoJEIN/pSyBJlsR4F8IAJHw5iXWkWlA9jUirPEpsSwy
DcRlkE1r+Rs8ameaztQSabXdGFlFcFBmYq6qmILJlgm/a8jhfOo2TmlX0fvJypX2
jUobgqulxO5lTgdPDWZhCNWXFNcTUyER8WF/wTirBBG1lRyl/mgtmwSkLODYSlkp
42RDwSryB+0CMbIdK0QCKxQ2y8iS0LGHHxM4ReXHPH2g8OYtnR9Cwp0gV9bG7Siw
hYyiYBtNGjGr+NB9770LinL7Ct8NzZ1qpBM4yG4fXtEM4JWKLADrd0cyx7c5Nq4w
paLbbiN55jErRBtrOyDLdGS8bRuFEsJlgzUZCBBkFe/IA0ApNeCCX9iNRwrdgFc=
=uxxl
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk