[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor exit nodes attacking SSH?

To: Alexander Nasonov <alnsn@xxxxxxxxx>
Subject: Re: [tor-relays] Tor exit nodes attacking SSH?
From: Roman Mamedov <rm@xxxxxxxxxxx>
Date: Thu, 10 Aug 2017 01:18:29 +0500
Cc: tor-relays@xxxxxxxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Aug 2017 16:18:43 -0400
In-reply-to: <20170809200830.v6lgjyus7wgrnudm@neva>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <33551502260734@web43j.yandex.ru> <20170809200830.v6lgjyus7wgrnudm@neva>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, 9 Aug 2017 21:08:30 +0100
Alexander Nasonov <alnsn@xxxxxxxxx> wrote:

> me@xxxxxxxxxxxxxxxx wrote:
> > Make a "trap" ssh server (for example on virtualbox machine
> > without any sensitive data) and log in into it through tsocks.
> > After that check from which ip it was logged in. This probably
> > would be ip of the exit node.
> 
> What if they "bridge" mitm-ed traffic to a different host?

They could feed MITMed traffic back into Tor, framing a different exit node
in the process :)

-- 
With respect,
Roman
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- Re: [tor-relays] Tor exit nodes attacking SSH?
  - From: me
- Re: [tor-relays] Tor exit nodes attacking SSH?
  - From: Alexander Nasonov

Prev by Author: Re: [tor-relays] Any IP allocations available out there?
Next by Author: Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse
Previous by thread: Re: [tor-relays] Tor exit nodes attacking SSH?
Next by thread: Re: [tor-relays] Tor exit nodes attacking SSH?
Index(es):
- Author
- Thread