For those of you who didn't see this on tor-dev:
Begin forwarded message:
From: Nikhil <rnikhil275@gmail.com>
Subject: [tor-dev] Interested in contributing to Tor Project - IP Hijacking detection for Tor relays
Date: 29 December 2016 at 22:50:12 AEDT
To: tor-dev@lists.torproject.org
Reply-To: tor-dev@lists.torproject.org
Hi,
I am Nikhil. R, a student from India. You can learn more about me from here[1] and here[2]. I have been running a Tor relay for some time and now I am interested in contributing to the Tor Project. Specifically, I would like to work on IP hijacking detection for Tor relays. I understand this does not directly involve the Tor core, hence I think this project is ideal for getting my feet wet with the Tor community and getting me started on further contributions to the Tor Project.
BGP hijacking is difficult without inside help from ISPs (I think?), but state-run adversaries don't necessarily have this problem. This has a great risk of exposing all Tor clients or even messing around with the name resolution in exit relays. I have also read about incidents where an attacker using BGP hijacking hijacked a portion of a Bitcoin mining pool's traffic to pay himself instead of the people contributing the processing power. I feel BGP has major security implications in this aspect and a monitoring service is necessary. There are many monitoring services and we can possibly leverage one of them for the routing data.
The main motive of the service would be to find anomalies/malicious changes in the routing information compared to previous snapshots of the same. How do we actually do this comparison? Any pointers for that? The project also mentions that the service should be Tor-aware. What exactly does this mean? Does it mean that it should monitor all Tor relays' IP addresses? It would be wonderful if you could elaborate on the project in a little more detail.
I am a beginner in this area and please excuse me if any of the above questions are too stupid.
Regards, Nikhil. R
[1]: https://in.linkedin.com/in/rnikhil275
[2]: https://rnikhil275.github.io
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org