[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)



Thus spake Fabio Pietrosanti (naif) (lists@xxxxxxxxxxxxxxx):

> On 3/29/11 3:30 PM, cmeclax-sazri wrote:
> > Opening a web page with lots of images results in lots of connections to web 
> > servers. If I hit the stop button before the images are loaded, my browser 
> > will close those connections without receiving any data. Web pages do not 
> > normally contain lots of HTTP links to sites that aren't running web servers, 
> > so a lot of refused connections does not look like anything that can happen 
> > in normal web browsing. Port scanning results in lots of connections closed 
> > upon opening and lots of connections refused; the distinctor is the lots of 
> > connections refused.

So then when a website or ad server wants to DoS a tor user, they just
introduce a tight open+close XMLHTTPRequest loop in some JS?

> Ok, anyone willing to implement a portscan detector using such logic? :-)
> 
> I candidate myself to test it with the risk of getting Bad-Exited ;P

At the point where you are implementing stuff there's no reason to
risk anything. As I've said before, we can safely signal to clients in
real time that they should go elsewhere with their traffic. The Tor
Protocol supports this.

There is no need to break stuff for unsuspecting users. Srsly:
https://lists.torproject.org/pipermail/tor-relays/2011-March/000675.html

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpTjXyi37Z1o.pgp
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays