On 3/18/16, Mridul Malpotra mridul.malpotra@gmail.com wrote:
b. For testing active attacks, can there be modules developedkeeping other cleartext protocols like SNMP and Telnet in mind?
Tor only supports TCP of course, however any cleartext application protocol using it is subject to snooping / modification. HTTP, POP3, NNTP, etc. And if the cert is MITM or server faked, so is TLS. A map to a honeypot of passwords [telnet pop3 ...] would be fun.
Alternatively, is there a way to determine what protocols are being used over Tor and their popularity?
That might guide which protocol to develop module for, along with thinking of what payoff for snooping / modification that proto is. Note tor claims such traffic analysis research is likely too sensitive to conduct, even though people privately conduct it all the time.