Hello,
I am a master student in System Information Security in Canada and I am doing a project which will evaluate the security of the Tor Exit Nodes in a Tor user perspective.
By reading the documentation of torflow, it is yet not clear to me, exactly which tests you are doing. One part of my project is to make a description of each possible attack an Exit Node can make and a description of a detection/mitigation mechanism for each of the attack but also I would like to implement one or more tests that have not been implemented by torflow.
Here is a list of attacks that we think that a malicious Exit Node could do. The list is not complete, we will expand it. I would like to know, what type of attacks have you not tested and also, feel free to complete this list.
-SSL and none SSL Sniffing (Session Hijacking, emails, web URL, IRC channel, FTP ) -Virus Injection (Linux, OSX, Windows, Android) -Misc Injection/Tampering: advertisements, JavaScript, etc -Pharming Attacks -DNS Rebinding -SSL MITM with CN -SSL MITM (revoked certificate, expired certificate and untrusted certificate) -SSL Downgrade attacks -SSL stripping -Dropping TLS connections -Spurious RST packets -Exploiting Bittorrent Tracker to reveal a user’s real IP
Thank you for reading and sorry for the long post Frank