[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] PSI Jabber leaking the client hostname?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] PSI Jabber leaking the client hostname?
From: "phillip@xxxxxxxxx" <phillip@xxxxxxxxx>
Date: Wed, 12 Oct 2011 14:14:15 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 12 Oct 2011 08:14:32 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello folks,

Early today I was testing a ejabberd server under Tor Hidden service,
while testing the correct configuration of the messenger service
I was looking at the /var/log/ejabberd/ejabberd.log file to spot any
errors or strange alerts.

For the test I used a laptop with Ubuntu and pidgin installed and
a virtual machine with ubuntu and PSI jabber client.

User test1 pidgin
User test2 PSI

This session from pidgin looks fine for me.

Opened session for test1@xxxxxxxxxxxxxxxxxxxxxxx/41432302741318419318154500

This other session freaked me out, because foobar is the hostname of the
Virtual Machine.

Opened session for test2@xxxxxxxxxxxxxxxxxxxxxxx/foobar

I guess is not normal to have your hostname going to some tor end point,
is this leak related to PSI or maybe some other misconfiguration.

Peace,

Phillip



- -- 
www.bailey.st

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJOlYSSAAoJENNBJKHbaDgTSwsIAJXCWh/8wP/YvMH7nNEOdKXN
fNOSq6Cul8l7FZWR3fHlSzjEBENt7Wl39/q8rlMKUQpROqXEj0D6DE6cj9D+R7l8
6agJ7Ma3kXbZHRvIssXlYmlYSI4gUge8NYBmxhoVC0KTDkm47Hhp4eF5MQp2zwjP
66w29+mKKTeabtOHdC6GmrpWKaefQXP0cLH9eyUEOMhOqQKF6recI8Z+QzrhjdPe
bRXglrgvs5EuB6FObZnu7Nt0U2sI9Uukm+M8cPLox1BORZ2zijRIJjZDxrsxM4oL
0eqiDIO1CeqVyWJ32KtKRa/8PKhhW6aUcHcG5QOGDzEy3vJjtr1lE04YOPdZ0Uk=
=HxKJ
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] PSI Jabber leaking the client hostname?
  - From: Jeroen Massar

Prev by Author: Re: [tor-talk] Debian-tor 0.2.2.34-1~~squeeze+1 PID/UID bug
Next by Author: Re: [tor-talk] PSI Jabber leaking the client hostname?
Previous by thread: Re: [tor-talk] Xmarks extension: any security concerns?
Next by thread: Re: [tor-talk] PSI Jabber leaking the client hostname?
Index(es):
- Author
- Thread