[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Filtering TOR Non-exit Relay - Just Curious
Lukas Erlacher <l.erlacher@xxxxxxxxx> wrote:
Middle nodes don't know the type of traffic. If they have any way
to find out, that is a bug that needs to be fixed. End-of.
Packet timing analysis may be able to tell you *something* -- this is
part of my current research project, ask again in six months :-)
Mr. Nelson Laurenti wrote:
I didn't say I knew the type of traffic on my relay, that would be an
entirely new set of problems; I said I can see the IP addresses
coming in and going out, and the ports used.
That's to be expected. Tor is still using IP, so there is no way around
the fact that a relay operator can observe the IP addresses of hosts in
direct communication with their relay(s).
If your relay is acting strictly as a middle hop, however, the IP
addresses you observe should all be the addresses of other Tor relays,
and none of the traffic you observe should *originate* from the IP
addresses you observe.
If you are an entry hop, some of the traffic you observe will be traffic
coming directly from clients, and you can learn their IP addresses and
probably quite a bit about them. This is part of why we have guards.
(I am skeptical about guards actually being a good idea, but that's
*also* part of my group's research, so, again, ask again in six months.)
Only if you are an exit node should you be able to observe any traffic
that is in cleartext and/or coming directly from server hosts.
It is possible for one Tor process to serve all three roles
simultaneously, but never (by design) for a single circuit. The design
intent is that it will be prohibitively difficult for any single
operator to control more than one node in a circuit more than some tiny
fraction of the time; how feasible this actually is in real life has
been the subject of quite a bit of research already (and, yep, my group
is looking at that as well, albeit not as centrally).
zw
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays