[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services

Subject: Re: [tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 13 Jan 2015 18:50:16 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 13 Jan 2015 13:50:24 -0500
In-reply-to: <044.633990205f1f6cb5eab5ae86d37d071f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.633990205f1f6cb5eab5ae86d37d071f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#13667: Prevent port scanning of hidden services
------------------------+------------------------------------------
     Reporter:  arma    |      Owner:
         Type:  defect  |     Status:  reopened
     Priority:  major   |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  SponsorR tor-hs 025-backport
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------------------

Comment (by arma):

 Replying to [comment:26 dgoulet]:
 > Alice has a long lived connection to let say an IRC server on aaaa.onion
 port 6667. Now, Alice receives an email saying "Hey, can you connect to
 aaaa.onion:6668?" for which the HS does have that port in its exit policy.
 So Alice, connects, the tor client reuses the RP circuit but on a wrong
 port and blam the circuit is killed thus the long lasting connection.

 I think you can do this automatically by having an img link in your
 attacking page, which when Alice visits it, it blows away her existing irc
 connection to that other service.

 > A solution we thought of here is to pin a *good* virtual port on a
 circuit and not accepting connections on it with an other port.

 Right -- basically the proposed fix is to have one circuit per virtualport
 Alice is reaching.

 (It might be that we should re-close this ticket and open a new one for
 the new issue.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13667#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #7555 [Tor]: MapAddress from FQDN to .onion fails because resolve requests for hidden services are not allowed.
Next by Author: Re: [tor-bugs] #13788 [Tor Browser]: Meek bridges don't work in TB 4.5alpha1
Previous by thread: Re: [tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services
Next by thread: [tor-bugs] #14081 [Tor Browser]: Contrast our cookie strategy with other leading browsers
Index(es):
- Author
- Thread