[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] What is being detected to alert upon?
Thanks for replying. I understand it is a spy vs spy type of situation but
what do they see currently? I don't believe they are seeing it by the IP
addresses (or so they claim).
Is it something in the handshake the is triggering the alert?
On Thu, Apr 30, 2015 at 2:17 PM, Seth David Schoen <schoen@xxxxxxx> wrote:
> Frederick Zierold writes:
>
> > Hi,
> >
> > I am very curious how a vendor is detecting Tor Project traffic.
> >
> > My questions is what are they seeing to alert upon? I have asked them,
> > but I was told "that is in the special sauce."
> >
> > Is the connection from the users computer to the bridge encrypted?
> >
> > Thank you for your insight.
>
> Are they detecting non-public bridge traffic, or only normal entry
> guards?
>
> Detection and obfuscation is kind of a big topic that's been around for
> some years, so there are a lot of possibilities.
>
> --
> Seth Schoen <schoen@xxxxxxx>
> Senior Staff Technologist https://www.eff.org/
> Electronic Frontier Foundation https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
--
--
Frederick Zierold, CISSP
University Information Security Office (UISO) Security Analyst
Direct: 202-687-5784
Office: 202-687-3031
Fax: 202-687-1505
UISO Security Services:
http://security.georgetown.edu, 202-687-3031 or security@xxxxxxxxxxxxxx
UISO Identity & Access Management Services:
http://netid.georgetown.edu, 202-687-2999 or netid@xxxxxxxxxxxxxx)
https://www.facebook.com/GeorgetownTechnology
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk