[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Tracing TCP Connections online..

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Tracing TCP Connections online..
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 10 Apr 2017 13:21:05 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 10 Apr 2017 13:22:08 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=+Gu+KKj1xagqSACx6j0WEZKuIyTL5Z4+yYOb4xNjl/Q=; b=C+O9ysyylZLqce6B/QEzPz8A+2Jxs3e121pJ1sI2QYz2eq5H0Wr7rQ4DiuoaObTIu/ +Y1hppjk07eBPF9AvE1T/aSAKBMOIbHj6vzVBLJt+eKvh0NtOlMl+CRALNbbbgtFrDUy 6h9I31SibklfkXsnjyHyGvyo5A8NTzmh0NyjypGYUvIcsxPcYAd7PqDA71tmEarX8ZxH /g4FQ9wsuzN+AHSk9zBGGTqsGyelfXKmmnOcsOtaor3++KBYwcIvcu5kXSLDHbphqyEa W+xM9Iz9mqy0W1a/4nYklwl1BFeBl6FuVkaPqEMdjRX4nob/+eMJ4xSOXdRkbHJyNThN PjbQ==
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

re: "tcp_tracing_internet.pdf"

This appears to describe an active network modulation attack (node DoS).
Either hammer tree on nodes of the expected path and trace the modulation,
or on all but the expected path to find unmodulated.
It generally requires GPA, deploying nodes, or being one end of the path...
in order to observe the results.
And it's old news.
As noted before, since Tor (and all other current anonymous overlays)
nodes do not perform their own independant buffering, reclocking and
contracting for expected hop parameters... this vulnerability will remain.

Anyone wanting to research, code, deploy, and present on
such countermeasures would certainly be welcomed.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Tracing TCP Connections online..
  - From: dawuud

Prev by Author: [tor-dev] Circuit times
Next by Author: [tor-dev] Mailing List Etiquette Reminder
Previous by thread: Re: [tor-dev] Tracing TCP Connections online..
Next by thread: Re: [tor-dev] Tracing TCP Connections online..
Index(es):
- Author
- Thread