How do we defeat exit node sniffing?
Xizhi Zhu
xizhi.zhu at gmail.com
Fri Jun 6 02:08:25 UTC 2008
you have to try to do the authentication with SSL/TLS. if not, your username
and your password will be sent to the exit nodes first, and that's really
terrible!
2008/6/6, defcon <defconoii at gmail.com>:
>
> so what do you all suggest if I must authenticate to a non ssl connection?
> How do I do it anonymously and safely?
>
> On Thu, Jun 5, 2008 at 5:37 PM, Christopher Davis <loafier at gmail.com>
> wrote:
>
>> On Thu, Jun 05, 2008 at 05:01:34PM -0700, defcon wrote:
>> > What are some good ways to defeat exit node sniffing? Is there a
>> listing of
>> > good exit nodes that do not sniff?
>> > Thanks,
>> > defcon
>>
>>
>> Prefer TLS-enabled services, and mind the authenticity of server certs.
>> Or use Tor hidden services.
>>
>> --
>> Christopher Davis
>>
>
>
--
Use Tor to secure your surfing trace:
http://www.torproject.org/
My blog: http://xizhizhu.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080606/ce3bbda4/attachment.htm>
More information about the tor-talk
mailing list