[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] The New Threat: Targeted Internet Traffic Misdirection

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] The New Threat: Targeted Internet Traffic Misdirection
From: coderman <coderman@xxxxxxxxx>
Date: Thu, 21 Nov 2013 11:15:11 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 21 Nov 2013 14:26:13 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=/QcYDzDbY4Ow2HxbH2Jv7XSUZfMG6Nlh8xUkCJRJ0co=; b=qR0HrpQJ9SB1SPo0kvb9TB9tD4KU740hhLWpT97u4qXLAjnQ7oUgPp75ogqE2czUiy hWhXxl1rUEiQfn0aydxGN2mhgkFXipclmj7b7+ivU8lyocunY3+wbvzXUabcfiI6qf++ QK3xPSSJQJVXtyaAXI41lTKDye6M7PuTYxKNxwgUDPBDk7yhhLMU39XQ80kRKxNJ1oKZ 10Z4x/ki5Q0lNS+p9FQp0irpcqx+UPcWk/trlhWUKPcT202LcSlNlEW2CHAV5jirNIWv WHGAIY9O9qXJPYI/ecXB2GS4YQfvJu454ybwmNJ0xFq4NDgTIiP89jlt+MSYEwjNP7S/ FzqQ==
In-reply-to: <528e43dd.c6122a0a.14b9.06ddSMTPIN_ADDED_BROKEN@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <069792cc2edd41a7eb39ce368888e221.squirrel@xxxxxxxxxxxxx> <528e43dd.c6122a0a.14b9.06ddSMTPIN_ADDED_BROKEN@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Thu, Nov 21, 2013 at 9:33 AM, Seth David Schoen <schoen@xxxxxxx> wrote:
> ...
> You could use BGP redirection to become able to spy on traffic
> headed to a guard node or coming out of an exit node that would
> otherwise not have passed through networks that you control.
> The most relevant consequence of that would probably be increasing
> the probability that the attacker can successfully do a traffic
> correlation or confirmation attack.


active attacks, of various types, are also clearly possible.  the
impact of these varied, but possibly significant.

i recommend all relay ops sign up for cyclops alerts for suspicious
BGP behavior on their netblocks:
http://cyclops.cs.ucla.edu/

it's a bit noisy, but useful.


best regards,
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] The New Threat: Targeted Internet Traffic Misdirection
  - From: BM-2D9WhbG2VeKsLCsGBTPLGwDLQyPizSqS85

Prev by Author: Re: [tor-talk] A great way for you to help Tor: track down recent press articles
Next by Author: Re: [tor-talk] Thoughts on Tor-based social networking?
Previous by thread: Re: [tor-talk] The New Threat: Targeted Internet Traffic Misdirection
Next by thread: [tor-talk] Orbot for Android
Index(es):
- Author
- Thread