[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is this a practical vulnerability?



My question is, if you NEVER requested the 1 web page in the first place, would you have experienced the same attack? I mean if I were looking for new live Tor services I would probably periodically just roll through unknown IPs and check for a live node (or something) as one layer of attack. No live node, move on. Live node not already discovered? The fact that the node responds (in some manner I'm looking for) is enough information, it's possible I don't even care that it has anything to do with Tor.

Just a thought, it should be clear I have no idea what I'm talking about. e.g. I don't know what your middleman server not getting attacked indicates.

Anon Mus wrote:

Within 24hrs of making that Tor hidden service live I could see, in my firewall logs, hundreds of repeated attempts trying to hack my server, directly from the internet, not via my hidden Tot service.
[...]
Now bearing in mind that I had only EVER requested 1 web page (a blank test page - requested about 4 times) from my own Torrified web browser (out and back so to speak), and no OTHER (external)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk