Since I doubt the suggested tests were performed, I did the work
instead. I reached the 'up' website, and timed out on the 'down'
one... both as expected. And I diffed the clearnet and tornet
versions of the 'up' one and they matched, sans 'alteration'.
If one can prove exo is the site with the ca
On Wed, 3 Feb 2010 17:16:26 -0500 grarpamp wrote:
>> passed the name to the exit node for SOCKS name-to-address resolution
>
>Oh, I see, I missed that. For a sec I was thinking it was httpd
>griping about Host:.
>
>> b) "exoassist" is a bad exit that inserts a web page into the stream returne
On Wed, 3 Feb 2010 16:00:09 -0500 Nick Mathewson
wrote:
>On Wed, Feb 3, 2010 at 1:53 PM, downie - wrote:
>
>> There's no 'return BAD_HOSTNAME' after the 'log_warn', so it's falling
>> through to 'return NORMAL_HOSTNAME' and also not null-teminating the string.
>
>Thanks for tracking that dow
> passed the name to the exit node for SOCKS name-to-address resolution
Oh, I see, I missed that. For a sec I was thinking it was httpd
griping about Host:.
> b) "exoassist" is a bad exit that inserts a web page into the stream returned
> to the client when a connection cannot be made.
> >That
On Wed, Feb 3, 2010 at 1:53 PM, downie - wrote:
> There's no 'return BAD_HOSTNAME' after the 'log_warn', so it's falling
> through to 'return NORMAL_HOSTNAME' and also not null-teminating the string.
Thanks for tracking that down! Should be fixed in 7d5d4f9f0385.
***
> Date: Sun, 31 Jan 2010 20:58:46 -0600
> From: benn...@cs.niu.edu
> To: or-t...@seul.org
> Subject: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
> So it appears that a) there is a new tor client bug in 0.2.2.7-alpha
> that
> leaves the "exoassis
On Tue, 2 Feb 2010 22:21:12 -0500 grarpamp wrote:
>> One is in the HTTP(S) header, which can indeed be stripped by privoxy.
>
>HTTPS cannot be terminated, stripped and re-encapsulated by privoxy.
>It passes straight through. I still offer a gold doubloon to anyone who knows
Right you ar
On Tue, 2 Feb 2010 22:47:46 -0500 grarpamp
wrote:
>> When trying to fetch a web page from www.fibrlink.net, I was surprised to
>> get an error page back from someplace in Australia,
>
>That site is in Australia. And considering that that url is down right
>now, and that they're fronting it wi
> When trying to fetch a web page from www.fibrlink.net, I was surprised to
> get an error page back from someplace in Australia,
That site is in Australia. And considering that that url is down right
now, and that they're fronting it with squid, who knows what all's
pooched on their end. Before d
> One is in the HTTP(S) header, which can indeed be stripped by privoxy.
HTTPS cannot be terminated, stripped and re-encapsulated by privoxy.
It passes straight through. I still offer a gold doubloon to anyone who knows
of a good unix TLS proxy/munger. One can dream.
> tor handles a .nickname.exi
> Date: Tue, 2 Feb 2010 02:54:56 -0600
> From: benn...@cs.niu.edu
> To: downgeo...@hotmail.com; or-talk@freehaven.net
> Subject: RE: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
>
>
> The real
> destination's name is then passed through the circuit f
On Mon, 1 Feb 2010 04:51:54 -0500 downie -
wrote:
>> Date: Sun=2C 31 Jan 2010 22:36:11 -0600
>> From: benn...@cs.niu.edu
>> To: flamsm...@gmail.com=3b or-talk@freehaven.net
>> Subject: Re: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
>>=20
>>
On Mon, 1 Feb 2010 09:49:00 -0500 Flamsmark
wrote:
>On 31 January 2010 23:36, Scott Bennett wrote:
>
>> I don't see it as being useful for attack if the user
>> only uses it to test for bad exits.
>
>
>I was under the impression that the attack risk came from the possibility
>that a maliciou
> Date: Sun, 31 Jan 2010 22:36:11 -0600
> From: benn...@cs.niu.edu
> To: flamsm...@gmail.com; or-talk@freehaven.net
> Subject: Re: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
>
> On Sun, 31 Jan 2010 23:10:42 -0500 Flamsmark
> wrote:
> >On 31 Januar
On Sun, 31 Jan 2010 23:10:42 -0500 Flamsmark
wrote:
>On 31 January 2010 21:58, Scott Bennett wrote:
>
>> So it appears that a) there is a new tor client bug in 0.2.2.7-alpha
>> that
>> leaves the "exoassist.exit" in the name passed along from its SOCKS
>> listener
>> to the destination p
On 31 January 2010 21:58, Scott Bennett wrote:
> So it appears that a) there is a new tor client bug in 0.2.2.7-alpha
> that
> leaves the "exoassist.exit" in the name passed along from its SOCKS
> listener
> to the destination port.
>
Isn't .exit deprecated because it's a potential vector fo
There's another bad exit on the loose. Its Nickname is "exoassist",
and its fingerprint is "39A6 74F8 2BFB 0195 860C 04DD E0F3 6B60 C09D C72A".
When trying to fetch a web page from www.fibrlink.net, I was surprised to
get an error page back from someplace in Australia, beginning with "The
req
17 matches
Mail list logo
