[tor-talk] Is this a practical vulnerability?

somepony somepony at spintrian.com
Fri Oct 19 15:01:39 UTC 2012


My question is, if you NEVER requested the 1 web page in the first 
place, would you have experienced the same attack?  I mean if I were 
looking for new live Tor services I would probably periodically just 
roll through unknown IPs and check for a live node (or something) as one 
layer of attack.  No live node, move on.  Live node not already 
discovered?  The fact that the node responds (in some manner I'm looking 
for) is enough information, it's possible I don't even care that it has 
anything to do with Tor.

Just a thought, it should be clear I have no idea what I'm talking 
about. e.g. I don't know what your middleman server not getting attacked 
indicates.

Anon Mus wrote:
>
> Within 24hrs of making that Tor hidden service live I could see, in my 
> firewall logs, hundreds of repeated attempts trying to hack my server, 
> directly from the internet, not via my hidden Tot service.
[...]
> Now bearing in mind that I had only EVER requested 1 web page (a blank 
> test page - requested about 4 times) from my own Torrified web browser 
> (out and back so to speak), and no OTHER (external)


More information about the tor-talk mailing list