[tor-dev] Questions for the torflow developers

Francois Valiquette wearenone at hotmail.com
Mon Mar 9 23:15:21 UTC 2015


Hello,

I am a master's student in System Information Security in Canada and I am
doing a project which will evaluate the security of the Tor Exit Nodes from a
Tor user's perspective.

By reading the documentation of torflow, it is not yet clear to me exactly
which tests you are doing. One part of my project is to make a description
of each possible attack an Exit Node can make and a description of a
detection/mitigation mechanism for each of the attacks, but I would also like
to implement one or more tests that have not been implemented by torflow.

Here is a list of attacks that we think a malicious Exit Node could
do. The list is not complete; we will expand it. I would like to know what
types of attacks you have not tested; also, feel free to complete this
list.

-SSL and non-SSL Sniffing (Session Hijacking, emails, web URL, IRC
channel, FTP)
-Virus Injection (Linux, OSX, Windows, Android)
-Misc Injection/Tampering: advertisements, JavaScript, etc
-Pharming Attacks
-DNS Rebinding
-SSL MITM with CN
-SSL MITM (revoked certificate, expired certificate and untrusted
certificate)
-SSL Downgrade attacks
-SSL stripping
-Dropping TLS connections
-Spurious RST packets
-Exploiting BitTorrent Tracker to reveal a user’s real IP


Thank you for reading, and sorry for the long post.
Frank