Hello,
I am a master student in System Information Security in Canada and I am doing a project which will evaluate the security of the Tor Exit Nodes in a Tor user perspective.
By reading the documentation of torflow, it is yet not clear to me, exactly which tests you are doing. One part of my project is to make a description of each possible attack an Exit Node can make and a description of a detection/mitigation mechanism for each of the attack but also I would like to implement one or more tests that have not been implemented by torflow.
Here is a list of attacks that we think that a malicious Exit Node could do. The list is not complete, we will expand it. I would like to know, what type of attacks have you not tested and also, feel free to complete this list.
-SSL Âand none SSL Sniffing (Session Hijacking, emails, web URL, IRC channel, FTP )
-Virus Injection (Linux, OSX, Windows, Android)
-Misc Injection/Tampering: advertisements, _javascript_, etc
-Pharming Attacks
-DNS Rebinding
-SSL MITM with CN
-SSL MITM (revoked certificate, expired certificate and untrusted certificate)
-SSL Downgrade attacks
-SSL stripping
-Dropping TLS connections
-Spurious RST packets
-Exploiting Bittorrent Tracker to reveal a userâs real IP
Thank you for reading and sorry for the long post
Frank