[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-dev] OnionMail: Some attack attempt by unknown scanner + Tor Network scanning.
Into the OnionMail's federated network there are two exit/enter server
that forward the email messages between tor network and the internet.
These servers are:
onionmail.info and onionmail.zapto.org
The first is the mail exit server, the second is a server to do network
testing and security check.
We was recived some scanning from 198.143.173.188 and other chinese and
russian proxy form jaunary to yesterday.
The exit node of OnionMail has a correlation between hidden services and
ip address.
To prevent real correlation we are implementing a new deamon NTU:
Network Terminator Unit.
(A proxy between tor, internet and vice versa).
Back to the point:
The NTU project could be update to hide the hidden services rotating the
connections between tor relay servers.
We can create another layer to protect the hidden services real ip
address using a protol like ATM.
(Connection ID, relative to hop and *not use ip address* with Virtual
Circuit Multiplexing).
The server onionmail.zapto.org was over debugging and wireshark.
We make available the logs if you need to lend a hand to understand what
happened.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev