[tor-project] Moar Project Ideas!!

dawuud dawuud at riseup.net
Fri Mar 25 10:07:41 UTC 2016

This sounds like an interesting project.
I'd lend a helping code writing hand if needed.

Yeah in general any sort of network tooling/forensics projects, stats
gathering and hidden service related projects I'd be interested in helping out.


On Thu, Mar 03, 2016 at 01:47:28PM +0000, Aaron Gibson wrote:
> On 2016-02-29 21:18, Donncha O'Cearbhaill wrote:
> >Damian Johnson:
> >>
> >>Hi all, pulled the trigger on this...
> >>
> >>https://gitweb.torproject.org/project/web/webwml.git/commit/?id=3ddd63efa5296a221daa8a295280b37b2546e2bf
> >>
> >>Folks are coming out of the woodwork to mentor so we still have ten
> >>projects (yay!), but not much concerning core tor. if you'd care to
> >>mentor one of these then more than happy to add it back to our page.
> >
> >Great work on getting the GSoC program together, and getting selected!
> >
> >I'd be happy to be the second mentor for any Python-based project,
> >particular if it's related to hidden services or network monitoring.
> >
> >Regards,
> >Donncha
> A project I discussed last night with Donncha and Yawnbox is
> Title:
> IP hijacking detection for the Tor Network.
> Description:
> IP hijacking (https://en.wikipedia.org/wiki/IP_hijacking) occurs when a bad
> actor creates false routing information to redirect Internet traffic to or
> through themselves. This activity is straightforward to detect, because the
> Internet routing tables are public information, but currently there are no
> public services that monitor the Tor network. The Tor Network is a dynamic
> set of relays, so monitoring must be Tor-aware in order to keep the set of
> monitored relays accurate. Additionally, consensus archives and historical
> Internet routing table snapshots are publicly available, and this analysis
> can be performed retroactively.
> The implications of IP hijacking are that Tor traffic can be redirected
> through a network that an attacker controls, even if the attacker does not
> normally have this capability - i.e. they are not in the network path. For
> example, an adversary could hijack the prefix of a Tor Guard relay, in order
> to learn who its clients are, or hijack a Tor Exit relay to tamper with
> requests or name resolution.
> This project comprises building a service that compares network prefixes of
> relays in the consensus with present and historic routing table snapshots
> from looking glass services such as Routeviews (http://routeviews.org), or
> aggregators such as Caida BGPStream (https://bgpstream.caida.org) and then
> issues email alerts to the contact-info in the relay descriptor and a
> mailing list. Network operators are responsive to route injections, and
> these alerts can be used to notify network operators to take immediate
> action, as well as collect information about the occurrence of these type of
> attacks.
> Estimated time to build this service: 3 months
> --Aaron
> _______________________________________________
> tor-project mailing list
> tor-project at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20160325/3a80360a/attachment.sig>

More information about the tor-project mailing list