[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Tor exit nodes attacking SSH?
me@xxxxxxxxxxxxxxxx wrote:
> Make a "trap" ssh server (for example on virtualbox machine
> without any sensitive data) and log in into it through tsocks.
> After that check from which ip it was logged in. This probably
> would be ip of the exit node.
What if they "bridge" mitm-ed traffic to a different host?
I saw a similar ssh warning few weeks ago but I wasn't prepared to
identify the bad exit. I set SafeLogging to 0 and I will enable
debugging via SIGUSR2 next time this happens. Can someone confirm
whether it's a good way of identifying bad exits?
--
Alex
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays