[tor-relays] Network Scan through Tor Exit Node (Port 80)
Mike Perry
mikeperry at fscked.org
Wed Mar 30 01:11:33 UTC 2011
Thus spake Fabio Pietrosanti (naif) (lists at infosecurity.ch):
> On 3/29/11 3:30 PM, cmeclax-sazri wrote:
> > Opening a web page with lots of images results in lots of connections to web
> > servers. If I hit the stop button before the images are loaded, my browser
> > will close those connections without receiving any data. Web pages do not
> > normally contain lots of HTTP links to sites that aren't running web servers,
> > so a lot of refused connections does not look like anything that can happen
> > in normal web browsing. Port scanning results in lots of connections closed
> > upon opening and lots of connections refused; the distinctor is the lots of
> > connections refused.
So then when a website or ad server wants to DoS a tor user, they just
introduce a tight open+close XMLHTTPRequest loop in some JS?
> Ok, anyone willing to implement a portscan detector using such logic? :-)
>
> I candidate myself to test it with the risk of getting Bad-Exited ;P
At the point where you are implementing stuff there's no reason to
risk anything. As I've said before, we can safely signal to clients in
real time that they should go elsewhere with their traffic. The Tor
Protocol supports this.
There is no need to break stuff for unsuspecting users. Srsly:
https://lists.torproject.org/pipermail/tor-relays/2011-March/000675.html
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20110329/13053f18/attachment.pgp>
More information about the tor-relays
mailing list