flooding attacks to discover hidden services

Wikileaks wikileaks at wikileaks.org
Tue Jan 2 07:53:57 UTC 2007


> If the hidden service is not on a Tor server, and there is no other
> way for the attacker to build a list of candidates to ping, then the
> attack becomes a lot harder.

Yes, this is what we observed too; but found nothing about this in  
the FAQ
on hidden services and the default tor config is not set up to permit  
this configuration without
hackery.

Likewise [not in reference to hidden servers], it is better for Tor  
to use a different outbound
address to inbound, since the ORport addresses are published globally  
by Dirservers. Also
not mentioned to my knowledge.

Lucky.




More information about the tor-talk mailing list