[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Combined relay and hidden service, good idea or not?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Combined relay and hidden service, good idea or not?
From: Dave Warren <dw@xxxxxxxxxx>
Date: Tue, 9 Jan 2018 11:56:05 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Jan 2018 13:56:23 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thedave.ca; h= content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=MMyDeFU4v4pZAmgwvj4IjlyY5QDXb U5FnHCcR6wjhXM=; b=fv1De2qiLHIMjzj8H8JEP6QwKcIugLUTZDIorxeZxrnk2 Mut2LisS+ITQ5hLujVcoR/NVMOMXCUw1/r4+TDyoWajpeKJ0eXxxWllcQ1WJNZio iFiggRULF6ryX9GxhsLA9zfEi7/HlacVqaUr13+2fLkfFS7QSYbxSaOq7HQXeN23 uOpT3QVz/Vncv9F478IAr/lbK0p6r0dRlurOAQYTU/NwQSbzziWJaGmRsLus7dC5 gCCumdOXfevZYHSTdd6Et/AkRTNzzhkRgmMOHVpHqft9SdY5RrpYeHWTKnY5oL7u m5bwgeojsbZpRchEKzo72E6uHhimOAEIO8BlBi0dw==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=MMyDeF U4v4pZAmgwvj4IjlyY5QDXbU5FnHCcR6wjhXM=; b=rfIAdaNfoGpZNrF+ZOmAYL O6Zs0eL7KNSOnid0mzvEnqw4PlNhSmhevG1nS+cXv/yChb5r0YNN6LGKC2dR4lia ihzYbOkDCyoSAYHihfqo7KegGhQKXI2JMmd9puNipY2pFy/evXoADaXdlaEr34Ki 7HiyQ2asw+eD1HwrB/MuPwsMjiK4fUKIHq6oB3XQ4TCMI2h7UU8vRmSBWCFwp1al NC78G33Ob41ZxC4y5m9pkqLVob2VLSZwS/pHnzLFICK5aiSYQi6TuQR/SuA/rNKo 3YR/wkYqucrCuh90NNeRrZVA9XSw4ZE+YmNxFq/FcseNblTKDzNUoJJ30jVJjQLQ ==
In-reply-to: <20180108230848.GB8254@moria.seul.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <513c289257afb52f0b973b4551405c0ec91a.alpine@mantablue.com> <724d40c9-9ce4-afa4-20ca-ce70a5d1c0b0@uclouvain.be> <64b9ebc07ebae9e7ce27eb88ff10f0aa32be.alpine@mantablue.com> <8394ec99-598d-b3de-94c0-da17c0aa9248@uclouvain.be> <93a1dec4-1158-0ae4-b588-510d6e5a1b72@thedave.ca> <89ab6e803603e8fbc3f799f6c1fc8589373b.alpine@mantablue.com> <01cc4eea-2b2c-f2c2-383a-093eeb202c12@thedave.ca> <20180108230848.GB8254@moria.seul.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2

On 2018-01-08 16:08, Roger Dingledine wrote:

On Mon, Jan 08, 2018 at 03:59:25PM -0700, Dave Warren wrote:

  Even if Tor didn't supply any relay
statistics, a curious and enterprising individual could "explore" by seeing
what happens to a particular onion when one launches a DoS attack against an
external IP that one believes might be connected to the .onion service.


Yep. If you want to go a step further, check out this paper:
https://www.freehaven.net/anonbib/#remote-traffic-pets12
where they investigate inducing congestion on a target IP address
to learn *what web page it's loading*.

Turns out the attack is only effective in certain situations, but
the fact that it's worth taking seriously at all is bad news for
the Internet as a whole.

I forgot about that one! Not a surprise that it's possible in certaincircumstances, I suppose.

Nonetheless, a hidden service should be relatively immune if the IPaddress isn't known (and isn't trivially determined, such as alsohosting a relay).


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Combined relay and hidden service, good idea or not?
  - From: tortilla
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Florentin Rochet
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Tortilla
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Florentin Rochet
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Dave Warren
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Tortilla
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Dave Warren
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Roger Dingledine

Prev by Author: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Next by Author: Re: [tor-relays] MyFamily and ContactInfo fields are required for operators running multiple tor instances
Previous by thread: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Next by thread: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Index(es):
- Author
- Thread