[tor-bugs] #2697 [Torflow]: Detect exit nodes running 'transparent' HTTP proxies

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Mar 10 00:59:28 UTC 2011


#2697: Detect exit nodes running 'transparent' HTTP proxies
-------------------------+--------------------------------------------------
 Reporter:  rransom      |          Owner:  mikeperry
     Type:  enhancement  |         Status:  new      
 Priority:  critical     |      Milestone:           
Component:  Torflow      |        Version:           
 Keywords:               |         Parent:           
   Points:               |   Actualpoints:           
-------------------------+--------------------------------------------------
 One Tor exit node operator has [https://lists.torproject.org/pipermail
 /tor-talk/2011-March/019773.html stated that he intends to route Tor exit
 node traffic through a 'transparent' HTTP proxy], and that this HTTP proxy
 would censor non-HTTP traffic on port 80 (including SSL/TLS).  The exit
 scanner should be improved to detect exit nodes that divert port 80
 traffic through a censoring proxy so that they can be promptly marked with
 the !BadExit flag.

 Connecting to an SSL/TLS server running on port 80 should be enough to
 detect many of these hostile exit nodes, but we should eventually add more
 subtle/thorough detection methods (e.g. sending an HTTP request in which
 the Host HTTP header does not match the TCP address which the Tor exit
 node was told to connect to).

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2697>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list