[tor-dev] Tracing TCP Connections online..

Mike Guidry mike at mikeguidry.net
Mon Apr 10 22:12:29 UTC 2017

re: grarpamp

I am writing a possible countermeasure which uses transactional requests.
You submit entire requests which are processed by the exit node.  Several
other situations can take place while routing to the exit node.  It would
also only require exit nodes to have updated to the newer feature.

I'll post as soon as I'm finished..

Mike Guidry


>This appears to describe an active network modulation attack (node DoS).
>Either hammer tree on nodes of the expected path and trace the modulation,
>or on all but the expected path to find unmodulated.
>It generally requires GPA, deploying nodes, or being one end of the path...
>in order to observe the results.
>And it's old news.
>As noted before, since Tor (and all other current anonymous overlays)
>nodes do not perform their own independant buffering, reclocking and
>contracting for expected hop parameters... this vulnerability will remain.

>Anyone wanting to research, code, deploy, and present on
>such countermeasures would certainly be welcomed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170410/cd9739ba/attachment-0001.html>

More information about the tor-dev mailing list