[tor-talk] torifying applications
Manuel
tor-talk at acanthephyra.net
Sat Jun 18 18:31:20 UTC 2011
On Sat, Jun 18, 2011 at 01:59:27PM -0400, nikhil dhar wrote:
> I am trying to see if it is possible to determine the identity of an attacker if he uses these applications behind tor.
There are a few existing papers on this subject, particularly on
unmasking the application someone is using through Tor's circuit reuse.
But of course, we'd be eager to hear from your results :)
> First, by bad performance do you mean throughput, cpu performance or latency(how quickly the replies are coming back).
You will have a very high latency on connection establishment (even
higher if there is no existing circuit, i.e. in the beginning and at
least every ten minutes, which is the circuit rotation duration).
CPU performance hit is negligible, unless you do something that is
very unusual.
Throughput is usually rather good after the connection is established.
>Also a socks proxy would not give the advantages of tor (as in
> the connections switching every n secs)??.
What are the advantages you would like to see?
Existing Tor circuits will be reused for 10 minutes, unless the circuit
breaks. See
https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#HowoftendoesTorchangeitspaths.
One thing that I hope you took into consideration: Tor only does TCP and
DNS (and the latter is an exaggeration - tor-resolve simply does a SOCKS RESOLVE). nmap by default pings first, for instance - this packet will be sent from
your real IP.
Cheers,
Manuel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20110618/bd5523f6/attachment.pgp>
More information about the tor-talk
mailing list