prevent tor accepting dns requests on dnsport initiated by itself
Nick Mathewson
nickm at freehaven.net
Fri Jun 22 15:52:48 UTC 2007
On Thu, Jun 21, 2007 at 10:53:08PM +0100, Robert Hogan wrote:
>
> This would also prevent the user resolving a dns request if it
> coincided exactly with the very same request by tor. I don't know
> how likely this would be in practice - I certainly haven't been
> quick enough on the draw.
I think this is actually a dangerous idea. We separate the client DNS
cache from the server DNS cache for a reason: if you're using a Tor
instance as both a client and a server, it's a good idea to keep the
client's behavior more or less uncorrelated by the server's.
Here's an attack: I have a server that doesn't see much usage at
evil-nick.com. You have a non-exit Tor host. I suspect that you're
connecting to my server. I control the DNS for evil-nick.com, so I
whenever your Tor server asks for the address of evil-nick.com I give
you IP1. (If it never asks, I can resolve evil-nick.com.yourhost.exit
a lot.) When any other server asks, I give them IP2. If I see
anybody connect to IP1, I know that it's probably your client peeking
inside the server DNS.
There are probably easier attacks here too.
--
Nick Mathewson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20070622/e37d6116/attachment.pgp>
More information about the tor-dev
mailing list