[tor-dev] onion moshing

Razvan Dragomirescu razvan.dragomirescu at veri.fi
Sun Sep 25 14:01:36 UTC 2016 

Hello again David,

Sorry to resurrect an year-old thread but it looks to me like OnionCat is
abandoned code at this point - mailing lists are gone, no development since
mid last year, etc. Since the Tor developers plan to deprecate (and quickly
eliminate) v2 onion names and expect to move to the new longer names/keys
ASAP, I was wondering if you had any plans to adapt your OnionVpn software.

I was thinking of a very generic lookup mechanism for IPv6 to .onion name
lookup, adaptable to anything from blockchain-based name systems to a
centralized file. Possibly simply running an external script given as a
parameter on each IPv6 to name lookup (and checking that the returned name
hashes back to the IPv6 address expected).

I think OnionVpn may be easier to modify than OnionCat, given that it's
Python.

Thank you,
Razvan

--
Razvan Dragomirescu
Chief Technology Officer
Cayenne Graphics SRL


On Wed, Dec 9, 2015 at 6:59 PM, David Stainton <dstainton415 at gmail.com>
wrote:

>
> I was inspired by onioncat to write a twisted python implementation.
> Onionvpn doesn't have as many features as onioncat. I've successfully
> tested that onionvpn and onioncat can talk to each other and play nice.
> Both onionvpn and onioncat implement a virtual public network. Anyone can
> send packets to you if they know your onion address or ipv6 address...
> however injection attacks are unlikely since the attacker cannot know the
> contents of your traffic without compromising the tor process managing the
> onion service.
>
> I've also tested with mosh; that is, you can use mosh which only works
> with ipv4 over an ipv4-to-ipv6 tunnel over onionvpn/onioncat. Like this:
>
> mosh-client -> udp/ipv4 -> ipv6 -> tun device -> tcp-to-tor -> onion
> service decodes ipv6 to tun device -> ipv6 -> udp/ipv4 -> mosh-server
>
> https://github.com/david415/onionvpn
>
>
> If an onionvpn/onioncat operator were to NAT the onion ipv6 traffic to the
> Internet then that host essentially becomes a special IPv6 exit node for
> the tor network. The same can be done for IPv4. Obviously operating such an
> exit node might be risky due to the potential for abuse... however don't
> you just love the idea of being about to use low-level network scanners
> over tor? I wonder if Open Observatory of Network Interference would be
> interested in this.
>
>
> david
>
>
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160925/077beb61/attachment.html>

More information about the tor-dev mailing list