Revealing tor hidden services by their clock skew
http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/ This is on the front page of reddit.com right now, so it should get some attention. Murdoch's paper is here: http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf
Re: being a middleman
Hello Roger, I've removed all trace of the word 'middleman' from the code, the docs, and the sample torrc file. So the only place you'll be encountering it is somebody else's docs or an old torrc file if you're using an old 0.1.0.x one. Are there places that I missed? By the way, the wiki has a reference to middleman http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#RunAServerBut If you want to avoid most if not all abuse potential, set it to reject *:*. This is called being a middleman node May I take the liberty to remove This is called being a middleman node from the wiki ? Pascal
Re: being a middleman
Pascal Levasseur wrote: May I take the liberty to remove This is called being a middleman node from the wiki ? Hi Pascal, i fixed it. Thal
Re: TOR Directory file
First of all, thanks !You're saying tonot rely on the cached-routers file (name and format), so what can I rely on as a list of all routers?this: http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1%22or maybe this: (notice that this is by the old format) http://moria.mit.edu:9031/tor/ ?Thanks!, Joe. Nick Mathewson [EMAIL PROTECTED] wrote: On Mon, Sep 04, 2006 at 12:19:27AM -0700, Joe Clark wrote: Hi, I don't want to be rude, but please answer my little question. Joe
Clark <[EMAIL PROTECTED]>wrote: Dear TOR users: I got a pretty newbie question to you guys: From where does TOR client take its routers' database ?The directory protocol is described athttp://tor.eff.org/svn/trunk/doc/dir-spec.txt In v-0.1.0.17 it was a file called "cached-directory". I upgraded to v-0.1.1.23 and I noticed some changes in the filename ("cached-routers" ?!) and in the file format.Indeed you did. The old protocol is athttp://tor.eff.org/svn/trunk/doc/dir-spec-v0.txtThe storage format is undocumented, and intentionally so: we maychange it without warning, so please don't rely on it. But basically,the old format was just to store a raw directory to disk. The newformat is to store a network status document for each authority in afile named cached-status/ (with the authority'sfingerprint given in hex); and to store the
router descriptorsconcatenated in cached-routers and cached-routers.new. The latter isappend-only, and used as a journal; periodically, we prune out unusedrouter descriptors and regenerate cached-routers.The source (in routerlist.c) should have full information.yrs,-- Nick Mathewson
Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail.
Re: TOR Directory file
On Tue, Sep 05, 2006 at 10:12:58AM -0700, Joe Clark wrote: First of all, thanks ! You're saying to not rely on the cached-routers file (name and format), so what can I rely on as a list of all routers? You can rely on cached-routers working for now, but we do not promise never to change it. Tor is under active development. (Similarly, we do not promise permanent backward compatibility with respect to any current protocol. We try to keep stable series working for at least a year (when we can), and we try not to change formats and protocols gratuitously, but that's about it.) this: http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1%22 I would suggest not if you require information to be 100% accurate and up-to-date; this site tends not to track updates to the directory format very quickly. or maybe this: (notice that this is by the old format) http://moria.mit.edu:9031/tor/ If you want to downlaod the info yourself, you should check out the document I suggested you read. It's here: The directory protocol is described at http://tor.eff.org/svn/trunk/doc/dir-spec.txt yrs, -- Nick Mathewson pgpCCGBuF1yex.pgp Description: PGP signature
Re: Earthlink's broken DNS affecting Tor nodes?
On Mon, 4 Sep 2006, numE wrote: Maybe http://www.orsn.net/ would be even better than opendns. OpenDns is commercial... orsn not. IIRC, OpenDNS does the same sort of Lie on NXDOMAIN foolishness that Earthlink has started doing, which is what the original poster was trying to escape. Doesn't ORSN use an alternate-root scheme where there's no real guarantee you're getting the same answers anyone using the one true root would get? I might be conflating my alternate-root quacks here, but I seem to recall their root delegations differ from the real ones. matto Andrew Del Vecchio schrieb: Alternatively, you can use OpenDNS's servers. See www.opendns.com. OpenDNS is very easy (just use their IP addresses), and quite fast. On the other hand, caching can be fast too, and give you slightly more security, as you'll be sending less requests, thus making traffic analysis a tad more labor intensive. Would you concur, Matt? ~Andrew [EMAIL PROTECTED]darwin Moral indignation is a technique to endow the idiot with dignity. - Marshall McLuhan
Re: Earthlink's broken DNS affecting Tor nodes?
Matt Ghali wrote: On Mon, 4 Sep 2006, numE wrote: Maybe http://www.orsn.net/ would be even better than opendns. OpenDns is commercial... orsn not. IIRC, OpenDNS does the same sort of Lie on NXDOMAIN foolishness that Earthlink has started doing, which is what the original poster was trying to escape. Doesn't ORSN use an alternate-root scheme where there's no real guarantee you're getting the same answers anyone using the one true root would get? I might be conflating my alternate-root quacks here, but I seem to recall their root delegations differ from the real ones. (Disclaimer, I work for OpenDNS.) If you're using OpenDNS, you disable all that stuff when you visit the preference page: http://www.opendns.com/prefs/ If you do that you'll get zero unexpected recursive dns behavior. Regards, Jacob Appelbaum
Re: Earthlink's broken DNS affecting Tor nodes?
On Tue, 05 Sep 2006, Matt Ghali wrote: Doesn't ORSN use an alternate-root scheme where there's no real guarantee you're getting the same answers anyone using the one true root would get? That's the point of ORSN. Should the real US-controlled root go nuts we still have some place that works. -- | .''`. ** Debian GNU/Linux ** Peter Palfrader | : :' : The universal http://www.palfrader.org/ | `. `' Operating System | `-http://www.debian.org/
Tor network signature detection
Nick, Roger, et al Does the ISP/network administrator know if a client is connected to the tor network or is the connection disguised? Essentially, does running tor create signatures? Regards, Arrakistor
Re: Earthlink's broken DNS affecting Tor nodes?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Does anyone else here use Ubuntu? I set OpenDNS as my domain resolvers, but DHCP later erased these settings. I should be able to have static DNS servers while using DHCP for my local IP address right? I tried adding the info to my dhcpclient.conf file, as per OpenDNS's instructions, but the settings won't take :( Jacob Appelbaum wrote: Matt Ghali wrote: On Mon, 4 Sep 2006, numE wrote: Maybe http://www.orsn.net/ would be even better than opendns. OpenDns is commercial... orsn not. IIRC, OpenDNS does the same sort of Lie on NXDOMAIN foolishness that Earthlink has started doing, which is what the original poster was trying to escape. Doesn't ORSN use an alternate-root scheme where there's no real guarantee you're getting the same answers anyone using the one true root would get? I might be conflating my alternate-root quacks here, but I seem to recall their root delegations differ from the real ones. (Disclaimer, I work for OpenDNS.) If you're using OpenDNS, you disable all that stuff when you visit the preference page: http://www.opendns.com/prefs/ If you do that you'll get zero unexpected recursive dns behavior. Regards, Jacob Appelbaum - -- Frivolous lawsuits. Unlawful government seizures. It's a scary world out there! Protect your privacy, keep what you earn, and even earn more income at: http://www.KeepYourAssets.net/?andrew -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE/kCcgwZR2XMkZmQRAoAJAJwNbku9JH2a3NqvakOo6hVStLOT3gCgxEPz QQduIp5AoTKFfQPspP3zo04= =5995 -END PGP SIGNATURE-
