[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Exitrelay performing SSL MITM on port 995 (Dr. Web Netfilter)
I have been worried about MITM in general on exit relays. Can someone
explain this process a bit more?
What about ettercap packet injections running inside an exit relay with
etterfilter?
On Tue, May 1, 2012 at 7:20 PM, tagnaq <tagnaq@xxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi,
>
> there is an exit relay performing SSL MITM on POP3S connections
> (and probably others).
> The relay seams to be using Dr. Web Netfilter (see att. [mail to big
> att. removed]),
> so the harm is probably not done intentionally.
> Unfortunately I don't know which exit node I was using at the time.
> I assume that Mike's exit scanner will detect this node sooner or later.
> until then: do not ignore ssl warnings (not just now ;)
> -----BEGIN PGP SIGNATURE-----
>
> iF4EAREKAAYFAk+gb8EACgkQyM26BSNOM7bNxgEAlGaWkk9EeA6iz3PX29caa8mA
> +pFEJcpsWPHTnSKHGb0BAIB7CSpJgKD6kYpyZmZC0Eaqv9gUKykRTI8YmA1vd2eY
> =JLBp
> -----END PGP SIGNATURE-----
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk