multiple connections to ORPort from one IP address

F. Fox kitsune.or at gmail.com
Mon Jun 2 20:28:50 UTC 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Scott Bennett wrote:
>      On Sun, 1 Jun 2008 10:51:33 -0400 Geoffrey Goodell
> <goodell at eecs.harvard.edu> wrote:
>> To: or-talk at freehaven.net
>> Cc: or-talk at seul.org
> 
>      Not sure here why you posted twice, but...
> 
>> On Sun, Jun 01, 2008 at 08:44:09AM -0500, Scott Bennett wrote:
>>>      I just noticed a case of six connections to my server's ORPort that all
>>> came from the same IP address.  I'm trying to think of some legitimate reason
>>> for more than one connection from a given IP address to a particular server's
>>> ORPort, but haven't come up with any yet.  Any ideas out there?
>> NAT
> 
>      How so?  Any tor process, whether client-only, server-only, or client-and-
> server, needs no more than one open connection to a particular tor server's
> ORPort.  What would a tor process making connections from behind a NAT server
> have to do with whether there were only one connection or were multiple
> connections?  One of us, I think, is missing the other's point, but I'm not
> sure which one here.

Multiple machines behind NAT - running their own Tor clients (as opposed
to using a network-level anonymizing middlebox) - would each form their
own circuits and connections. The very design of Tor is such that it
resists shenanigans at the firewall.

- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSERYAuj8TXmm2ggwAQi9Tw/+KuzvaCWf7LrAmSBI99uZBueRF09htBJR
N8fmMyAlLmFQxmQRZCTSJ/a8gbEyKykjJLU4njqPwg2FDEtKzSG4Ar+qfKoXw6tt
sp7WUqs/Xgfzwn9Xr8l29KKtpFxhWdXDJciGbv0fBHp7XpqIksMhmxcA/F6HHxSW
a2AbCkfCRNPy+T2fl1CFgRtZxEs4WWXy5jqbM8JQFpAg+xepN05QDv5Zmp66l/Me
YIfW0sc2XAK+Rz8XlLz68q/bBTbZGIG3dtTMzD/1zUfpALWDq4YKuTS1MCqzETER
DJJ3FGJxn3nczEn5MnRD5t05Cz1RhR49I7szCsJAC25SJFY3H6mM0wB8VpfWc3VD
4JBCmllYRIIAQanQdj8Ena/YG2XLHjowR2s0nQGbLkkUt1lqlViKSCNVH82iaVdJ
q6Co5i9DnllG+Myky0HmTSZxUI0dXzMXansRLtwsJgrNrhIhVhyd2SxNxiYSOBVu
3f4Z0diJ0kQdCK0vGriUVPcEAgPdA3nmHq/as8qD3l2bNKqARpU1DWd44BVXG0sU
25q510ytGevFCqEtTTDcnDRMffXR31qP4pZEiKNQxLuRM9gXuG1eVI/UZKUrgGYr
wgHRihPSX9VaE5ixEviA8F7QrObJ/axBQcVczAnzGczOF4K5H3nGGzkip7h+V/PG
jayDeJxP/XU=
=kz/L
-----END PGP SIGNATURE-----

More information about the tor-talk mailing list