[tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 18 14:16:17 UTC 2014


#13667: Prevent port scanning of hidden services
------------------------+------------------------------------------
     Reporter:  arma    |      Owner:
         Type:  defect  |     Status:  new
     Priority:  major   |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  SponsorR tor-hs 025-backport
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------------------

Comment (by yawning):

 Drawing from the PT bag of tricks...

 5) Send back END_STREAM_REASON_DONE as if the application closed the
 connection, optionally after either a certain amount of time has passed or
 a certain amount of data has been received from the peer.  Once this
 happens once, tag the circuit as "kind of sketch", and apply the same
 policy for all new streams regardless of if the destination port is
 actually valid or not.

 It makes debugging harder, but slows down scanning as much as 2 (though a
 intelligent scanner would try common ports first), and it gives the bad
 guys more work to do post processing the results.

 Not sure about the implications for "close the stream after a while" in
 this context, parts of it scare me but it may be something that's less
 scary if the parameters are set correctly.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13667#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list