Active Attacks - Already in Progress?
Mike Perry
mikeperry at fscked.org
Fri Dec 3 01:04:33 UTC 2010
Thus spake Theodore Bagwell (toruser1 at imap.cc):
> On Sun, 28 Nov 2010 17:54 -0800, "Mike Perry" <mikeperry at fscked.org>
> wrote:
> > Rather than cripple the network by forcing more clients to use slower
> > nodes more often, we have opted to try to document the process of
> > running a high capacity Tor exit node:
> > http://archives.seul.org/tor/relays/Aug-2010/msg00034.html
>
> In my research (posted earlier to this list), I did not find an issue
> with exit relays. The relays which were reliably chosen as part of my
> circuit were often the first or second relay in my circuit - not the
> exit relay.
In this case, you are experiencing your guard nodes. This is a
protective measure where the Tor client remembers a set of 3 live
nodes and tries to use them for up to 2 months for its 1st hop... This
is done to protect against a wide variety of traffic analysis attacks.
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20101202/32fb1388/attachment.pgp>
More information about the tor-talk
mailing list