[tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 18 15:39:12 UTC 2014
#13667: Prevent port scanning of hidden services
------------------------+------------------------------------------
 Reporter:  arma        |  Owner:
 Type:  defect          |  Status:  new
 Priority:  major       |  Milestone:  Tor: 0.2.6.x-final
 Component:  Tor        |  Version:
 Resolution:            |  Keywords:  SponsorR tor-hs 025-backport
 Actual Points:         |  Parent ID:
 Points:                |
------------------------+------------------------------------------

Comment (by dgoulet):

It seems clear here that we can't stop a network scan from finally
succeeding, whatever the behavior, so our best course of action is to slow
it down and make it as hard as we can for the attacker to scan.

Option '5' scares me a bit in terms of added overhead. Seems like adding
delay to the bad circuit opens the door to some DoS for which an attacker
could just open 65534 circuits to the HS with the wrong port and those
circuits would stay open for an unknown amount of time?... If that would
be acceptable for some reason, adding a random delay before sending back
the reason will also slow down the scanner quite a bit :).

I would go for sending back END_STREAM_REASON_DONE (application closed the
connection) and DROP the circuit after.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13667#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online