[tor-bugs] #6874 [Ooni]: Bridge Testing: Indirect Scans
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Sep 17 04:12:37 UTC 2012
#6874: Bridge Testing: Indirect Scans
---------------------------------+------------------------------------------
Reporter: isis | Owner: isis
Type: task | Status: new
Priority: normal | Milestone: Deliverable-Nov2011
Component: Ooni | Version:
Keywords: bridge reachability | Parent: #6414
Points: | Actualpoints:
---------------------------------+------------------------------------------
These need to be further researched and tested. There may also be new
methods discovered as time goes on, since some of these methods are pretty
obscure.
Summary from [#6414 the parent ticket]:
1. "Nmap stealth scan" style indirect scan: Send a TCP SYN with a forged
IP address header to the bridge, the IP should should actually point to
some in-country publicly observable service with sequential or otherwise
predictable fields.
2. Use any website which allows free content upload to give the bridge
address as "content" and wait to see if the page times out. This is
basically a variant of the vanilla TLS handshake test; however, a downside
is that contact with the bridge is measured from wherever the localized
server for the content upload site is and may not be in-country.
3. Use FTP proxies or some similar weird bounce mechanism in-country to
obfuscate the purpose of the connection.
4. Use the canary to force probes to check for us, without the probes
actually checking. I'm just going to start calling this idea "quis-
custodiet-ipsos-custodes-now-f******?!?!?!"
5. There were other ideas which were as entertaining as they were
ridiculous, and there are probably a lot that I haven't thought of yet.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6874>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list